(54) METHOD AND SYSTEM FOR AUTHENTICATION AND AUTHENTICATION
(57) Abstract:

PROBLEM TO BE SOLVED: To exclude unauthorized access by identifying authorized access with a small amount of computation in single-sign-on type authentication, in which a single user authentication permits multiple accesses.

SOLUTION: Secret information 4 is shared by a client means 1 and an authentication server means 2. The authentication server means 2 issues an authentication ticket 5 that includes collation information obtained by applying an irreversible operation (f) to the secret information 4 n times. The client means 1 presents this authentication ticket, together with presentation information obtained by applying the irreversible operation (f) to the secret information 4 (n-k) times, to a permission server means 3. The permission server means 3 applies the irreversible operation (f) to the presented information k times and checks whether the result matches the collation information. Since k increases from 1 to n, the authentication ticket 5 can be used for at most n accesses, and the next presentation information cannot be computed from past presentation information.

* NOTICES *

JPO and INPIT are not responsible for any damages caused by the use of this translation.

1. This document has been translated by computer. So the translation may not reflect the original precisely.
2. **** shows the word which can not be translated.
3. In the drawings, any words are not translated.



CLAIMS 



[Claim(s)] 

[Claim 1] An authentication system comprising: an authentication server means which issues an authentication ticket; an approval server means which approves use of an authentication ticket; and a client means which requests an authentication ticket from said authentication server means and requests use approval of an authentication ticket from said approval server means,
wherein said client means holds an authentication ticket whose number of valid uses is n (n is a positive integer), presents it and requests use approval; said approval server means, in response, requests presentation information from said client means, compares it with said authentication ticket and approves use; said authentication ticket includes a ticket identifier, collation information, the number of valid uses and an authenticator; said collation information is obtained by performing a predetermined irreversible operation n times on confidential information shared by said authentication server means and said client means; and said presentation information, when the use count of said authentication ticket is k (k is a positive integer not greater than n), is obtained by performing said predetermined irreversible operation n-k times on said confidential information.



[Claim 2] The authentication system according to claim 1, wherein said authentication server means manages user authentication information, performs a user authentication procedure with said client means and issues said authentication ticket.

[Claim 3] The authentication system according to claim 2, wherein said authentication server means generates a random number in the user authentication procedure, presents it to said client means and requests attestation presentation information from said client means; said confidential information is obtained by performing said predetermined irreversible operation once or more on the concatenation of said user authentication information and said random number; and said attestation presentation information is obtained by performing said predetermined irreversible operation n times on said confidential information.

[Claim 4] The authentication system according to claim 2, wherein said authentication server means generates a random number in the user authentication procedure, presents it and requests attestation presentation information from the client means; said attestation presentation information is the exclusive-OR of the result of performing said predetermined irreversible operation once or more on the concatenation of said user authentication information and said random number, and a random number for attestation generated by said client means; and said confidential information is said random number for attestation, recovered from said attestation presentation information.

[Claim 5] The authentication system according to any one of claims 2 to 4, wherein said user authentication information is a password entered by the user.

[Claim 6] The authentication system according to any one of claims 2 to 4, wherein said user authentication information is a common-key (symmetric) encryption key held in secrecy.

[Claim 7] The authentication system according to any one of claims 1 to 6, wherein said authenticator is a message authentication code.

[Claim 8] The authentication system according to any one of claims 1 to 6, wherein said authenticator is a digital signature.

[Claim 9] The authentication system according to any one of claims 1 to 8, wherein said predetermined irreversible operation is a one-way hash operation.

[Claim 10] The authentication system according to any one of claims 1 to 9, wherein said authentication ticket contains a server identifier.

[Claim 11] The authentication system according to any one of claims 1 to 10, wherein said authentication ticket includes a date and time of issue.

[Claim 12] The authentication system according to claim 11, wherein said authentication ticket includes an issuer identifier; said approval server means, when approving use, updates the collation information, the number of valid uses, the date and time of issue, the issuer identifier and the authenticator of said authentication ticket; said collation information is updated to the result of performing said predetermined irreversible operation n-k times on said confidential information; and said number of valid uses is updated to n-k.
[Claim 13] The authentication system according to any one of claims 1 to 12, wherein said approval server means manages the use count of said authentication ticket, presents it and requests presentation information.

[Claim 14] The authentication system according to any one of claims 1 to 12, wherein said client means manages the use count of said authentication ticket, presents it together with said authentication ticket and requests use approval.

[Claim 15] The authentication system according to any one of claims 1 to 11, comprising two or more of said approval server means and an authentication ticket management means which manages the use count of said authentication ticket, wherein said client means manages the use count of said authentication ticket, presents it together with said authentication ticket and requests use approval; said authentication server means, when issuing said authentication ticket, instructs said authentication ticket management means to register said authentication ticket; and said approval server means, in response to presentation of said authentication ticket, instructs said authentication ticket management means to update the history of said authentication ticket, and does not approve use when a rejection notice is received from said authentication ticket management means.

[Claim 16] The authentication system according to claim 12, comprising two or more of said approval server means, wherein said client means manages the use count of said authentication ticket, presents it together with said authentication ticket and requests use approval; said authentication server means stores an issuance history when issuing said authentication ticket; said approval server means stores an update history when updating said authentication ticket; and said approval server means, in response to presentation of said authentication ticket, inquires about the history of said authentication ticket of the authentication server means or approval server means indicated by the issuer identifier of said authentication ticket, and does not approve use when a rejection notice is received from said authentication server means or said approval server means.

[Claim 17] The authentication system according to any one of claims 14 to 16, wherein said approval server means generates a random number in the use approval procedure, presents it and requests presentation information; and said presentation information, when the use count of said authentication ticket is k, is the exclusive-OR of the result of performing said predetermined irreversible operation n-k times on said confidential information, and said random number.
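Claims 4 and 17 mask the values that cross the network with a fresh random number. The following added example (not the patent's code) shows both: in user authentication the client sends H(password||challenge) XOR r_att and the server recovers r_att, which becomes the shared confidential information; in use approval the client sends f^(n-k)(secret) XOR r_approval and the approval server unmasks it before hashing k times. SHA-256 as the hash and irreversible operation, 32-byte random numbers, three hash rounds on password||challenge and the function names are assumptions. The variant of claim 3, where the hash value itself is the confidential information, is the same flow with the XOR steps removed.

```python
"""User authentication with an XOR-masked attestation (claim 4) and an
XOR-masked presentation (claim 17). Added example, not the patent's code.
Assumptions: SHA-256 as hash and irreversible operation, 32-byte random
numbers, `rounds` hash applications on password||challenge."""
import hashlib
import hmac
import os


def f(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def f_iter(x: bytes, times: int) -> bytes:
    for _ in range(times):
        x = f(x)
    return x


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def user_hash(password: bytes, challenge: bytes, rounds: int) -> bytes:
    """Irreversible operation applied `rounds` (>= 1) times to the concatenation
    of the user authentication information and the server's random number."""
    return f_iter(password + challenge, rounds)


# ---- user authentication procedure (claim 4) ----
def client_attestation(password: bytes, challenge: bytes, rounds: int, r_att: bytes) -> bytes:
    """Attestation presentation information: user hash XOR client random number."""
    return xor(user_hash(password, challenge, rounds), r_att)


def server_recover_secret(stored_password: bytes, challenge: bytes, rounds: int,
                          attestation: bytes) -> bytes:
    """The server recomputes the user hash and unmasks the client's random
    number, which becomes the confidential information shared by both sides."""
    return xor(user_hash(stored_password, challenge, rounds), attestation)


# ---- use approval procedure with a masked presentation (claim 17) ----
def client_masked_presentation(secret: bytes, n: int, k: int, r_approval: bytes) -> bytes:
    """f^(n-k)(secret) XOR the approval server's random number."""
    return xor(f_iter(secret, n - k), r_approval)


def approval_check(collation: bytes, masked: bytes, k: int, r_approval: bytes) -> bool:
    """Unmask, apply f k times, compare with the ticket's collation information."""
    presentation = xor(masked, r_approval)
    return hmac.compare_digest(f_iter(presentation, k), collation)


def full_flow(client_password: bytes, stored_password: bytes, n: int, k: int,
              rounds: int = 3) -> bool:
    """Run both procedures end to end; True when use k of the ticket is approved."""
    challenge = os.urandom(32)  # authentication server's random number
    r_att = os.urandom(32)      # client's random number for attestation
    att = client_attestation(client_password, challenge, rounds, r_att)
    secret_at_server = server_recover_secret(stored_password, challenge, rounds, att)
    collation = f_iter(secret_at_server, n)  # collation information in the ticket
    r_approval = os.urandom(32)  # approval server's random number
    masked = client_masked_presentation(r_att, n, k, r_approval)
    return approval_check(collation, masked, k, r_approval)
```

Because each mask is a one-time random value of the same length as the hash output, the masked values on their own reveal nothing about r_att or the presentation value. A client that does not know the password produces an attestation from which the server recovers a different r_att, so the collation value in the issued ticket never matches that client's later presentations.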

[Claim 18] An authentication system comprising: an authentication server means which issues an authentication ticket; an approval server means which approves use of an authentication ticket; and a client means which requests an authentication ticket from said authentication server means and requests use approval of an authentication ticket from said approval server means, wherein

said client means comprises: an input means which obtains input of a user identifier, user authentication information, a server identifier and the number of valid uses of an authentication ticket; a ticket holding means which obtains and holds an authentication ticket from said authentication server means and presents it to said approval server means; a processing selecting means which obtains information on the existence of an authentication ticket from said ticket holding means and selects the processing; a hash means which obtains a random number from said authentication server means and user authentication information from said input means and performs a hash operation on their concatenation; a secret storage means which stores in secrecy the hash value obtained from said hash means; and a multi-stage hash means which takes the hash value out of said secret storage means and, in the user authentication procedure, obtains the number of valid uses n (n is a positive integer) from said input means and sends to said authentication server means a multi-stage hash value obtained by an n-stage hash operation, and, in the use approval procedure, obtains the use count k (k is a positive integer not greater than n) from said approval server means and sends to said approval server means a multi-stage hash value obtained by an (n-k)-stage hash operation;

said authentication server means comprises: an authentication information storage means in which user authentication information is accumulated; a random number generating means which generates a random number and sends it to said client means; a second multi-stage hash means which performs an (n+1)-stage hash operation on the concatenation of the user authentication information obtained from said authentication information storage means and the random number generated by said random number generating means; an attestation collation means which compares the multi-stage hash value obtained from said client means with the multi-stage hash value obtained from said second multi-stage hash means; a ticket identifier generating means which generates a valid ticket identifier; an authentication clock means which keeps time and outputs time information; and an authenticator adding means which adds an authenticator to the concatenation of the ticket identifier obtained from said ticket identifier generating means, the multi-stage hash value obtained from said attestation collation means, the server identifier and the number of valid uses obtained from said client means, a time stamp based on the time information obtained from said authentication clock means, and an issuer identifier indicating the authentication server means, and sends the result to said client means as an authentication ticket; and

said approval server means comprises: an authenticator verifying means which verifies the authenticator of the authentication ticket obtained from said client means; an approval clock means which keeps time and outputs time information; a ticket validity judging means which checks the validity of the server identifier and of the time stamp, and the validity of its difference from the time information obtained from said approval clock means; a ticket use management means which stores the ticket identifier and use count of an authentication ticket and manages the number of available uses; a third multi-stage hash means which obtains the use count k from said ticket use management means and outputs a secondary multi-stage hash value obtained by performing a k-stage hash operation on the multi-stage hash value obtained from said client means; and an approval collation means which compares the multi-stage hash value obtained from said ticket use management means with the secondary multi-stage hash value obtained from said third multi-stage hash means.

[Claim 19] The authentication system according to claim 18, wherein said authenticator adding means comprises: a server common key storage means which stores a common-key encryption key shared between the servers; a self-identifier storage means which stores its own identifier; a data concatenating means which concatenates the ticket identifier, the multi-stage hash value, the number of valid uses, the time stamp, the server identifier and the issuer identifier obtained from said self-identifier storage means; a concatenated data hash means which performs a hash operation on the concatenated data obtained from said data concatenating means; a common-key encryption means which encrypts the hash value obtained from said concatenated data hash means using the common-key encryption key obtained from said server common key storage means and makes the result the authenticator; and an authenticator concatenating means which concatenates the concatenated data obtained from said data concatenating means and the authenticator obtained from said common-key encryption means; and

said authenticator verifying means comprises: a second server common key storage means which stores the common-key encryption key shared between the servers; an authenticator separating means which divides the authentication ticket into concatenated data and an authenticator; a data separating means which divides the concatenated data obtained from said authenticator separating means into a ticket identifier, a multi-stage hash value, the number of valid uses, a time stamp, a server identifier and an issuer identifier; a second concatenated data hash means which performs a hash operation on the concatenated data obtained from said authenticator separating means; a second common-key encryption means which encrypts the hash value obtained from said second concatenated data hash means using the common-key encryption key obtained from said second server common key storage means and makes the result an authenticator for comparison; an issuer identifier collation means which confirms that the issuer identifier obtained from said data separating means is a valid server identifier; and a comparison means which, when the collation result obtained from said issuer identifier collation means indicates validity, compares the authenticator for comparison obtained from said second common-key encryption means with the authenticator obtained from said authenticator separating means and outputs the result.

[Claim 20] The authentication system according to claim 18, wherein said authenticator adding means comprises: a self private key storage means which stores in secrecy the public-key-cryptosystem private key of the authentication server; a self-identifier storage means which stores its own identifier; a data concatenating means which concatenates the ticket identifier, the multi-stage hash value, the number of valid uses, the time stamp, the server identifier and the issuer identifier obtained from said self-identifier storage means; a concatenated data hash means which performs a hash operation on the concatenated data obtained from said data concatenating means; a public-key encryption means which encrypts the hash value obtained from said concatenated data hash means using the private key obtained from said self private key storage means and makes the result the authenticator; and an authenticator concatenating means which concatenates the concatenated data obtained from said data concatenating means and the authenticator obtained from said public-key encryption means; and

said authenticator verifying means comprises: an authenticator separating means which separates the authentication ticket into concatenated data and an authenticator; a data separating means which separates the concatenated data obtained from said authenticator separating means into a ticket identifier, a multi-stage hash value, the number of valid uses, a time stamp, a server identifier and an issuer identifier, and outputs them; a second concatenated data hash means which performs a hash operation on the concatenated data obtained from said authenticator separating means; a server public key accumulation means in which the public keys of valid servers are accumulated and which outputs the public key corresponding to the issuer identifier obtained from said data separating means; a public-key decryption means which decrypts the authenticator obtained from said authenticator separating means using the public key obtained from said server public key accumulation means and makes the result a hash value for comparison; and a comparison means which compares the hash value obtained from said second concatenated data hash means with the hash value for comparison obtained from said public-key decryption means and outputs the result.

[Claim 21] The authentication system according to any one of claims 18 to 20, wherein said client means comprises a random number generating means for attestation and a first exclusive OR means; said random number generating means for attestation generates a random number for attestation in the user authentication procedure; said first exclusive OR means sends to said authentication server means a disturbed hash value obtained by an exclusive OR operation of the random number for attestation obtained from said random number generating means for attestation and the hash value obtained from said hash means in the user authentication procedure; said secret storage means stores in secrecy the random number for attestation obtained from said random number generating means for attestation; said multi-stage hash means takes the random number for attestation out of said secret storage means, obtains the use count k from said approval server means in the use approval procedure, and sends to said approval server means a multi-stage hash value obtained by an (n-k)-stage hash operation;

said authentication server means comprises a second hash means and a second exclusive OR means in place of said attestation collation means; said second hash means performs a hash operation on the concatenation of the user authentication information obtained from said authentication information storage means and the random number generated by said random number generating means; said second exclusive OR means performs an exclusive OR operation of the hash value obtained from said second hash means and the disturbed hash value obtained from said client means to obtain the random number for attestation; said second multi-stage hash means performs an n-stage hash operation on the random number for attestation obtained from said second exclusive OR means; and said authenticator adding means adds an authenticator to the concatenation of the ticket identifier obtained from said ticket identifier generating means, the multi-stage hash value obtained from said second multi-stage hash means, the server identifier and the number of valid uses obtained from said client means, a time stamp based on the time information obtained from said authentication clock means, and an issuer identifier indicating the authentication server means, and sends the result to said client means as an authentication ticket.

[Claim 22] The authentication system according to any one of claims 18 to 21, wherein said approval server means comprises a third hash means and a second authenticator adding means in place of said third multi-stage hash means; said third hash means outputs a secondary multi-stage hash value obtained by performing a hash operation on the multi-stage hash value obtained from said client means; said approval collation means compares the multi-stage hash value obtained from said ticket use management means with the secondary multi-stage hash value obtained from said third hash means; and said second authenticator adding means adds an authenticator to the concatenation of the ticket identifier, the server identifier and the remaining use count obtained from said ticket use management means, the multi-stage hash value obtained from said client means, a time stamp based on the time information obtained from said approval clock means, and an issuer identifier indicating the approval server means, and sends the result to said client means as an authentication ticket.

[Claim 23] The authentication system according to any one of claims 18 to 21, comprising one or more approval server means and an authentication ticket management means which manages the issuance and use state of authentication tickets, wherein

said authentication ticket management means stores a ticket identifier and a number of valid uses based on an authentication ticket registration instruction obtained from said authentication server means, manages them together with a use count, checks their consistency with an authentication ticket history update instruction obtained from said approval server means, and sends an authentication ticket rejection notice to said approval server means in the case of a mismatch;

said authentication server means comprises a ticket registration instruction means which generates an authentication ticket registration instruction from the ticket identifier obtained from said ticket identifier generating means and the server identifier and number of valid uses obtained from said client means, and sends it to said authentication ticket management means;

said client means comprises, in place of said ticket holding means, a ticket maintenance management means and a first exclusive OR means; said ticket maintenance management means obtains and holds an authentication ticket from said authentication server means, manages the use count, and presents them to said approval server means; said multi-stage hash means takes the hash value out of said secret storage means, sends to said authentication server means, in the user authentication procedure, a multi-stage hash value obtained by an n-stage hash operation, and, in the use approval procedure, obtains the use count k from said ticket maintenance management means and sends to said first exclusive OR means a multi-stage hash value obtained by an (n-k)-stage hash operation; and said first exclusive OR means performs an exclusive OR operation of the multi-stage hash value obtained from said multi-stage hash means and a random number obtained from said approval server means and sends the resulting disturbed multi-stage hash value to said approval server means; and

said approval server means comprises, in place of said ticket use management means, a ticket update instruction means, a second random number generating means and a second exclusive OR means; said ticket update instruction means, when the judgment result obtained from said ticket validity judging means indicates validity, generates an authentication ticket history update instruction from the ticket identifier and server identifier obtained from said authenticator verifying means and the use count obtained from said client means, sends it to said authentication ticket management means, and, when no authentication ticket rejection notice is returned from said authentication ticket management means, outputs the use count k obtained from said client means and the multi-stage hash value obtained from said authenticator verifying means; said second random number generating means generates a random number and sends it to said client means and to said second exclusive OR means; said second exclusive OR means performs an exclusive OR operation of the random number obtained from said second random number generating means and the disturbed multi-stage hash value obtained from said client means to obtain a multi-stage hash value; and said third multi-stage hash means outputs a secondary multi-stage hash value obtained by performing a k-stage hash operation on the multi-stage hash value obtained from said second exclusive OR means.

[Claim 24] The authentication system according to claim 22, comprising one or more approval server means, wherein

said authentication server means comprises a ticket issue management means which manages the ticket identifier obtained from said ticket identifier generating means and the server identifier and number of valid uses obtained from said client means, searches for a ticket identifier based on a ticket use inquiry obtained from said approval server means, checks the consistency of the use count, and sends an authentication ticket rejection notice to said approval server means in the case of a mismatch;

said client means comprises, in place of said ticket holding means, a ticket maintenance management means and a first exclusive OR means; said ticket maintenance management means obtains and holds an authentication ticket from said authentication server means, manages the use count, and presents them to said approval server means; said multi-stage hash means takes the hash value out of said secret storage means, sends to said authentication server means, in the user authentication procedure, a multi-stage hash value obtained by an n-stage hash operation, and, in the use approval procedure, obtains the use count k from said ticket maintenance management means and sends to said first exclusive OR means a multi-stage hash value obtained by an (n-k)-stage hash operation; and said first exclusive OR means performs an exclusive OR operation of the multi-stage hash value obtained from said multi-stage hash means and a random number obtained from said approval server means and sends the resulting disturbed multi-stage hash value to said approval server means; and

said approval server means comprises, in place of said ticket use management means, a ticket update management means, a second random number generating means and a second exclusive OR means; said ticket update management means, when the judgment result obtained from said ticket validity judging means indicates validity, generates a ticket use inquiry from the ticket identifier and server identifier obtained from said authenticator verifying means and the use count obtained from said client means, sends it to said authentication server means or to the second approval server means indicated by the issuer identifier, and, when no authentication ticket rejection notice is returned from said authentication server means or said second approval server means, outputs the use count obtained from said client means and the multi-stage hash value obtained from said authenticator verifying means; it also manages the ticket identifier, the server identifier and the remaining use count, and, when a ticket use inquiry is received from said second approval server means, checks the consistency of the use count and sends an authentication ticket rejection notice to said second approval server means in the case of a mismatch; said second random number generating means generates a random number and sends it to said client means and to said second exclusive OR means; said second exclusive OR means performs an exclusive OR operation of the random number obtained from said second random number generating means and the disturbed multi-stage hash value obtained from said client means to obtain a multi-stage hash value; said second hash means outputs a secondary multi-stage hash value obtained by performing a hash operation on the multi-stage hash value obtained from said second exclusive OR means; and said second authenticator adding means adds an authenticator to the concatenation of the ticket identifier, the server identifier and the remaining use count obtained from said ticket update management means, the multi-stage hash value obtained from said second exclusive OR means, a time stamp based on the time information obtained from said approval clock means, and an issuer identifier indicating the approval server means, and sends the result to said client means as an authentication ticket.

[Claim 25] An authentication method in an authentication system comprising an authentication server means which issues an authentication ticket, an approval server means which approves use of an authentication ticket, and a client means which requests an authentication ticket from said authentication server means and requests use approval of an authentication ticket from said approval server means, the method comprising:
the authentication server means issuing to the client means an authentication ticket whose number of valid uses is n (n is a positive integer) and which includes ********** [collation information, as in claim 1] obtained by performing a predetermined irreversible operation n times on confidential information shared by the authentication server means and the client means;
the client means presenting said authentication ticket to the approval server means and requesting use approval;
the client means, in response to a request for presentation information from the approval server means, when the use count of said authentication ticket is k (k is a positive integer not greater than n), presenting as said presentation information the result of performing said predetermined irreversible operation n-k times on said confidential information; and
the approval server means performing said predetermined irreversible operation k times on said presentation information and checking the result for agreement with said collation information.

[Claim 26] An authentication method performed by an authentication system having: an authentication server means that issues an authentication ticket;

an approval server means that approves use of the authentication ticket; and

a client means that requests an authentication ticket from said authentication server means and requests use approval of the authentication ticket from said approval server means,

wherein the authentication server means issues to the client means an authentication ticket whose number of effective uses is n (n is a positive integer) and which includes collation information obtained by performing a predetermined irreversible arithmetic operation n times on confidential information shared by the authentication server means and the client means; the client means presents said authentication ticket to the approval server means and requests use approval, and, in response to the approval server means' request for presentation information, when the use count of said authentication ticket is k (k is a positive integer not exceeding n), presents as said presentation information the result of performing said predetermined irreversible arithmetic operation n-k times on said confidential information; and the approval server means performs said predetermined irreversible arithmetic operation once on said presentation information, verifies that the result coincides with said collation information, and updates the collation information included in said authentication ticket to the result of performing said predetermined irreversible arithmetic operation n-k times on said confidential information.

[Claim 27] The authentication method according to claim 25 or 26, wherein said authentication server means presents a random number to the client means requesting an authentication ticket and requests attestation presentation information; the client means presents, as said attestation presentation information, the result of performing said predetermined irreversible arithmetic operation n+1 times on the concatenation of user authentication information and said random number; and the authentication server means performs said predetermined irreversible arithmetic operation n+1 times on the concatenation of the user authentication information it currently holds and said random number, and if it verifies that the result coincides with said attestation presentation information, takes as said confidential information the result of performing said predetermined irreversible arithmetic operation once on the concatenation of said user authentication information and said random number, and issues an authentication ticket including as collation information the result of performing the predetermined irreversible arithmetic operation n (n is a positive integer) times on this.

[Claim 28] The authentication method according to claim 25 or 26, wherein said authentication server means presents a random number to the client means requesting an authentication ticket and requests attestation presentation information; the client means presents, as said attestation presentation information, the EXCLUSIVE OR of the result of performing said predetermined irreversible arithmetic operation one or more times on the concatenation of user authentication information and said random number with a random number for attestation generated by the client means; and the authentication server means recovers said random number for attestation from said attestation presentation information using the user authentication information it currently holds and said random number, takes said random number for attestation as said confidential information, and issues an authentication ticket including as collation information the result of performing the predetermined irreversible arithmetic operation n (n is a positive integer) times on this.

[Claim 29] An authentication processing program recording medium on which a processing program of the authentication method performed by the authentication system according to any one of claims 1 to 24, or of the authentication method according to any one of claims 25 to 28, is recorded in a form readable by an electronic computer.

DETAILED DESCRIPTION

[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a single sign-on type authentication method and authentication system that permit multiple accesses with a single processing in which the validity of a client apparatus accessing a server apparatus is judged, and that make cipher processing in the client apparatus unnecessary, so that processing is possible even on a device with low computation capability.

[0002]

[Description of the Prior Art] In recent years, with the development of digital communication technology, server-client systems comprising a server apparatus and client apparatuses connected via a network have become common. In such a server-client system it is important to check that a client apparatus and its user have the proper authority to access the server apparatus, so that unauthorized access is not performed. Authentication based on password input is well known as a method of checking this access permission; asking for the password on every access is safe but inconvenient for the user, so single sign-on type authentication methods, which improve convenience, have come into use. A well-known example of such a single sign-on type authentication method is the TTP (Trusted Third-party Protocol) used by the Kerberos authentication system.

[0003] A conventional single sign-on type authentication method is explained below with reference to the drawings. Drawing 23 is a key map showing the outline of a conventional single sign-on type authentication method, and drawing 24 is a protocol sequence diagram showing its protocol. In drawing 23 and drawing 24, 81 is a client means having a user interface, 82 is an authentication server means that performs user authentication, and 83 is an approval server means that judges access permission and performs use approval.

[0004] In the user authentication procedure between the client means 81 and the authentication server means 82, the client means 81 sends to the authentication server means 82 an authentication request Authenticate Request 801 consisting of the user identifier UID entered via the user interface and the server identifier SID as attestation presentation information. In response, the authentication server means 82 returns an authentication reply Authenticate Response 802, carrying the session key SK encrypted with the password PW as key, together with the authentication ticket Ticket 803.

[0005] In the use approval procedure between the client means 81 and the approval server means 83, the client means 81 sends to the approval server means 83 an approval request Authorize Request 804, consisting of the user identifier UID and the time stamp TSk encrypted with the session key SK as presentation information, together with the authentication ticket Ticket 805. The approval server means 83 verifies the presentation information in the approval request Authorize Request 804 and the authentication ticket Ticket 805, and if it judges them valid, returns the approval result notice Result of approval 806.

[0006] The composition of the conventional single sign-on type authentication method having the above protocol sequence is explained below with reference to drawing 25, a functional block diagram showing that composition. In drawing 25 as well, 81 is a client means having a user interface, 82 is an authentication server means that performs user authentication, and 83 is an approval server means that judges access permission and performs use approval.

[0007] The client means 81 comprises a 1st transmission and reception means 311 that transmits and receives data, an input means 811 that obtains input from the user, a session key decryption means 812 that decrypts the received session key, a ticket holding mechanism 314 that holds the received authentication ticket, a processing selecting means 315 that chooses processing according to the holding state of the authentication ticket, a secret storage means 316 that stores the decrypted session key in secrecy, a proof clock means 813 that keeps time, and a certification information encryption means 814 that encrypts the attested certification information using the session key.
[0008] The authentication server means 82 comprises a 2nd transmission and reception means 321 that transmits and receives data, an attestation clock means 322 that keeps time, an authentication information storage means 323 in which user authentication information such as passwords is accumulated, a session key creating means 821 that generates an encryption key for every user authentication processing, a session key encryption means 822 that encrypts the session key using the password, and a ticket encryption means 823 that encrypts the authentication ticket using the session key.

[0009] The approval server means 83 comprises a 3rd transmission and reception means 331 that transmits and receives data, an approval clock means 332 that keeps time, a ticket decryption means 831 that decrypts the authentication ticket, a ticket validity judging means 832 that judges the validity of the authentication ticket, a certification information decryption means 833 that decrypts the attested certification information, a certification information validity judging means 834 that judges the validity of the attested certification information, and an approval collation means 835 that compares the contents of the authentication ticket with the contents of the attested certification information.

[0010] The operation of the conventional single sign-on type authentication method constituted as above is explained below with reference to drawing 26. First, in the client means 81, the user identifier UID identifying the user, the password PW for user authentication registered beforehand in the authentication server means 82, and the server identifier SID of the object for which use approval is sought are entered into the input means 811 as the user input 800 (ST3101, ST8101). The input means 811 extracts the server identifier 3101 and sends it to the ticket holding mechanism 314 while holding the user input 800 temporarily. The ticket holding mechanism 314 searches for authentication ticket data corresponding to the server identifier 3101 (ST3102) and sends the search result notice 3102 to the processing selecting means 315. When the search result notice 3102 indicates that no ticket is held, the processing selecting means 315 sends the user authentication processing start information 8101 to said input means 811; when it indicates that a ticket is held, it sends the use approval procedure start information 8102 to said ticket holding mechanism 314, the secret storage means 316, and the certification information encryption means 814 (ST3103).

[0011] When the user authentication start information 8101 is given, said input means 811 sends the pair 8103 of user identifier and server identifier extracted from the temporarily held user input 800 to the authentication server means 82 as the authentication request Authenticate Request 801 via the 1st transmission and reception means 311 (ST8102), sends the user identifier 8104 to the certification information encryption means 814, and sends the password 8105 to the session key decryption means 812.

[0012] In the authentication server means 82, the authentication request Authenticate Request 801 is received by the 2nd transmission and reception means 321; the extracted user identifier 8201 is sent to the authentication information storage means 323 and the ticket encryption means 823, and the server identifier 8202 is sent to the ticket encryption means 823 (ST8201). The authentication information storage means 323 searches for the password corresponding to the user identifier 8201 (ST8202); if it exists, it sends the password 8203 to the session key encryption means 822, and it sends the search result notice 8204 to the session key creating means 821 and the session key encryption means 822 (ST8203). When the search result notice 8204 indicates that the password was found, the session key creating means 821 newly generates a random session key 8205 and sends it to the session key encryption means 822 and the ticket encryption means 823 (ST8204). When the search result notice 8204 indicates that the password was found, the session key encryption means 822 generates the encrypted session key 8206 by encrypting the session key 8205 using the password 8203 (ST8205), and this is sent to the client means 81 as the authentication reply Authenticate Response 802 via the 2nd transmission and reception means 321 (ST8207). The attestation clock means 322 keeps the current time and supplies the time stamp 3212 based on the current time to the ticket encryption means 823.

The ticket encryption means 823 uses the server common key it holds internally, corresponding to the server identifier 8202, to generate the authentication ticket data 8207 in which the user identifier 8201, the server identifier 8202, the time stamp 3212, and the session key 8205 are encrypted (ST8202, ST8206), and this is sent to the client means 81 as the authentication ticket Ticket 803 via the 2nd transmission and reception means 321 (ST8207).

[0013] In the client means 81, the authentication reply Authenticate Response 802 is sent to the session key decryption means 812 as the encrypted session key 8106 via the 1st transmission and reception means 311, and the authentication ticket Ticket 803 is sent to said ticket holding mechanism 314 as the authentication ticket data 8108 via the 1st transmission and reception means 311 (ST8103). Said ticket holding mechanism 314 associates the authentication ticket data 8108 with the server identifier 3101 and holds it (ST3112). The session key decryption means 812 decrypts the encrypted session key 8106 using the password 8105 (ST8104). Therefore, only when the correct password is entered can the correct session key be obtained. The session key 8107 obtained by the session key decryption means 812 is sent to the secret storage means 316 and stored there.

[0014] When the session key 8107 is stored in secrecy, only predetermined access being permitted, and the use approval procedure start information 8102 is given, the secret storage means 316 sends the stored session key 8109 to the certification information encryption means 814 (ST8105). The proof clock means 813 keeps the current time and supplies the time stamp 8110 based on the current time to the certification information encryption means 814.

When the use approval procedure start information 8102 is given, the certification information encryption means 814 generates the attested certification information 8111 by encrypting the user identifier 8104 and the time stamp 8110 using the session key 8109 (ST8106), and this is sent to the approval server means 83 as the approval request Authorize Request 804 via the 1st transmission and reception means 311 (ST8107). When the use approval procedure start information 8102 is given, said ticket holding mechanism 314 sends the held authentication ticket data 8112 corresponding to the server identifier 3101 to the approval server means 83 as the authentication ticket Ticket 805 via the 1st transmission and reception means 311 (ST8107).

[0015] In the approval server means 83, the approval request Authorize Request 804 is sent to the certification information decryption means 833 as the attested certification information 8308 via the 3rd transmission and reception means 331, and the authentication ticket Ticket 805 is sent to the ticket decryption means 831 as the authentication ticket data 8301 via the 3rd transmission and reception means 331 (ST8301). The ticket decryption means 831 decrypts the authentication ticket data 8301 using its own server common key held internally; the user identifier 8302, the server identifier 8303, and the time stamp 8304 thus obtained are sent to the ticket validity judging means 832, and the session key 8305 is sent to the certification information decryption means 833 (ST8302). The approval clock means 332 keeps the current time and supplies the current time information 8306 to the ticket validity judging means 832 and the certification information validity judging means 834.

The ticket validity judging means 832 checks that the server identifier 8303 coincides with its own server identifier held internally and that the difference between the time stamp 8304 and the current time information 8306 is within the predetermined term of validity; when both are true, the user identifier 8302 is taken as the ticket user identifier 8307 and sent to the approval collation means 835 (ST3306, ST3307). The user identifier 8309 and the time stamp 8310, produced by the certification information decryption means 833 decrypting the attested certification information 8308 using the session key 8305, are sent to the certification information validity judging means 834 (ST8303). Since the attested certification information is encrypted by the client means using the session key, the correct user identifier and time stamp are obtained here only when the correct session key was used by the client means. The certification information validity judging means 834 checks that the difference between the time stamp 8310 and the current time information 8306 is within a predetermined time lag; when this is true, the user identifier 8309 is taken as the proof user identifier 8311 and sent to the approval collation means 835 (ST8304, ST8305). The approval collation means 835 checks that the ticket user identifier 8307 and the proof user identifier 8311 coincide (ST8306); if true, the approval notice 8312 is sent to the client means 81 as the approval result notice Result of approval 806 via the 3rd transmission and reception means 331 (ST8307, ST3317), and is received by the client means 81 (ST3118). When this coincidence check is true, the user identifier and the time stamp were obtained correctly; this shows that the correct session key was used by the client means, and since that means the correct password was entered, the user authentication result and the use approval result correspond.
[0016]

[Problem(s) to be Solved by the Invention] However, the above conventional composition makes heavy use of cipher processing that needs great computational complexity, and in particular requires the client side to perform cipher processing at every use approval. When the client is a device with low computation capability, such as a personal digital assistant or a smart phone, it therefore had the technical problem that use approval processing was difficult to perform in practical processing time.

[0017] Furthermore, since the above conventional composition only provides a term of validity and does not restrict the number of uses of one authentication ticket, it also had the technical problem that, should a third party intercept and decrypt an authentication ticket and perform unauthorized access, there was a high probability of this going undiscovered.
[0018] This invention solves these conventional technical problems. Its purpose is to provide a single sign-on type authentication method and authentication system that need no cipher processing on the client side, so that use approval processing can be performed in practical processing time even by a device with low computation capability, and that can manage the use count of an authentication ticket easily.

[0019]

[Means for Solving the Problem] To solve this technical problem, this invention provides, first, a client means that holds an authentication ticket whose number of effective uses is n (n is a positive integer), presents it, and requests use approval, and an approval server means that in response requests presentation information, compares it with said authentication ticket, and carries out use approval. Said authentication ticket includes a ticket identifier, collation information, the number of effective uses, the date and time of issue, and a server identifier, and is given an authenticator. Said collation information is the result of performing a predetermined irreversible arithmetic operation n times on confidential information shared by the issuer of said authentication ticket and said client means, and said presentation information, when the use count of said authentication ticket is k (k is a positive integer not exceeding n), is the result of performing said predetermined irreversible arithmetic operation n-k times on said confidential information.
[0020] By this, a single sign-on type authentication method and authentication system are obtained that need no cipher processing on the client side, can manage the use count of an authentication ticket easily, and can eliminate double use.
[0021] Second, said authentication server means generates a random number in the user authentication procedure, presents it, and requests attestation presentation information from the client means; said confidential information is the result of performing said predetermined irreversible arithmetic operation one or more times on the concatenation of said user authentication information and said random number, and said attestation presentation information is the result of performing said predetermined irreversible arithmetic operation n times on said confidential information.

[0022] Thereby, in addition to the above effect, no cipher processing is needed on the client side in the user authentication procedure either, and a single sign-on type authentication method and authentication system are obtained in which the data processing of attestation presentation information and the data processing of presentation information can be shared.

[0023] Third, said authentication server means generates a random number in the user authentication procedure, presents it, and requests attestation presentation information from the client means; said attestation presentation information is the EXCLUSIVE OR of the result of performing said predetermined irreversible arithmetic operation one or more times on the concatenation of said user authentication information and said random number with a random number for attestation generated by the client means, and said confidential information is said random number for attestation, recovered from said attestation presentation information.

[0024] Thereby, in addition to the above effect, since the collation information included in an authentication ticket becomes unrelated to the user authentication information, a safer single sign-on type authentication method and authentication system are obtained, in which there is no possibility of the user authentication information being guessed from an authentication ticket.
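The two user authentication variants of [0021] and [0023] (claims 27 and 28), as an added worked example that is not code from the patent: the irreversible operation f is taken to be SHA-256, f is applied once to the concatenation, and the user authentication information, random numbers and n are constructed values.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple


def f(data: bytes) -> bytes:
    """The predetermined irreversible operation f, taken here to be SHA-256."""
    return hashlib.sha256(data).digest()


def iterate_f(data: bytes, times: int) -> bytes:
    """Apply f `times` times."""
    for _ in range(times):
        data = f(data)
    return data


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


# Second aspect ([0021], claim 27): confidential information derived from the password.

def client_attestation_hash(user_auth: bytes, r: bytes, n: int) -> Tuple[bytes, bytes]:
    """Client: confidential information = f(UID||PW||r); attestation presentation
    information = f^n(confidential information), i.e. f^(n+1)(UID||PW||r).
    Returns (attestation presentation information, confidential information);
    only the first is sent."""
    secret = f(user_auth + r)
    return iterate_f(secret, n), secret


def server_verify_hash(stored_auth: bytes, r: bytes, n: int,
                       attest: bytes) -> Optional[bytes]:
    """Authentication server: recompute f^(n+1) over the stored user authentication
    information and the random number it issued. On a match the shared confidential
    information is f(UID||PW||r), and `attest` is already f^n(secret), so it can be
    reused as the ticket's collation information ([0022])."""
    if not hmac.compare_digest(iterate_f(stored_auth + r, n + 1), attest):
        return None
    return f(stored_auth + r)


# Third aspect ([0023], claim 28): confidential information is a client random number.

def client_attestation_xor(user_auth: bytes, r: bytes, rc: bytes) -> bytes:
    """Client: mask its random number for attestation rc with f(UID||PW||r).
    r must be fresh for every authentication procedure, otherwise the same mask
    is reused across two attestations."""
    return xor(f(user_auth + r), rc)


def server_recover_xor(stored_auth: bytes, r: bytes, attest: bytes) -> bytes:
    """Authentication server: strip the mask to recover rc, which becomes the
    confidential information. A wrong password yields a different rc, so a ticket
    built on f^n(rc) will never verify for that client; the ticket itself carries
    nothing derived from the password ([0024])."""
    return xor(f(stored_auth + r), attest)


if __name__ == "__main__":
    uid_pw = b"alice|correct horse"       # constructed user authentication information
    r = os.urandom(32)                    # random number presented by the auth server
    n = 5
    attest, client_secret = client_attestation_hash(uid_pw, r, n)
    print("claim 27 verified:", server_verify_hash(uid_pw, r, n, attest) == client_secret)
    rc = os.urandom(32)                   # client's random number for attestation
    print("claim 28 rc recovered:",
          server_recover_xor(uid_pw, r, client_attestation_xor(uid_pw, r, rc)) == rc)
```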

[0025] Fourth, said predetermined irreversible arithmetic operation is a one-way hash operation.

[0026] Thereby, in addition to the above effect, a single sign-on type authentication method and authentication system are obtained that can perform use approval processing in practical processing time even if the client side is a device with low computation capability.

[0027] Fifth, said authentication ticket includes an issuer identifier, and said approval server means, when carrying out use approval, updates the collation information, the number of effective uses, the date and time of issue, the issuer identifier, and the authenticator of said authentication ticket; said collation information is updated to the result of performing said predetermined irreversible arithmetic operation n-k times on said confidential information, and said number of effective uses is updated to n-k.

[0028] Thereby, in addition to the above effect, since the authentication ticket is updated whenever it is used, and in particular its time stamp is updated, the term of validity used in the validity judgment can be set shorter; a single sign-on type authentication method and authentication system are obtained in which the possibility of unauthorized use by a third party can be made smaller and the response time of use approval can be shortened further.

[0029] Sixth, said client means manages the use count of said authentication ticket, presents it with said authentication ticket, and requests use approval; two or more of said approval server means are provided, together with an authentication ticket management tool that manages the use count of said authentication ticket; said authentication server means, when issuing said authentication ticket, instructs said authentication ticket management tool to register said authentication ticket; and said approval server means, in response to presentation of said authentication ticket, instructs said authentication ticket management tool to update the history of said authentication ticket, and does not carry out use approval when a rejection notice is received from said authentication ticket management tool.

[0030] Thereby, in addition to the above effect, in a system in which the authentication ticket is not updated, an authentication ticket can be used in common by two or more approval servers, so that a single sign-on type authentication method and authentication system with higher convenience are obtained.

[0031] Seventh, said client means manages the use count of said authentication ticket, presents it with said authentication ticket, and requests use approval; two or more of said approval server means are provided; said authentication server means stores an issuance history when issuing said authentication ticket, and said approval server means stores an update history when updating said authentication ticket; in response to presentation of said authentication ticket, said approval server means inquires about the history of said authentication ticket to the authentication server means or approval server means indicated by the issuer identifier of said authentication ticket, and does not carry out use approval when a rejection notice is received from said authentication server means or said approval server means.

[0032] Thereby, in addition to the above effect, in a system in which the authentication ticket is updated, the use of an authentication ticket can be administered in a decentralized manner, so that a single sign-on type authentication method and authentication system that need fewer management resources are obtained.
[0033]

[Embodiment of the Invention] Embodiments of the invention are explained below with reference to the drawings.

[0034] (1st embodiment) As shown in drawing 1, the authentication system of the 1st embodiment comprises a client means 1 with a user interface, an authentication server means 2 that performs user authentication, and an approval server means 3 that judges the access permission of the client means 1 and performs use approval. A general purpose computer, a personal digital assistant, a smart phone, etc. can be used as the client means 1, for example; a general purpose computer, a dedicated authentication server device, etc. can be used as the authentication server means 2; and a general purpose computer, a dedicated approval server apparatus, a dedicated information providing device, etc. can be used as the approval server means 3.

[0035] The client means 1 and the approval server means 3 are connected by a wired or wireless communication network. The client means 1 and the authentication server means 2 need not be connected by a communication network, but they must share the confidential information 4. As this confidential information 4, for example, a password, a common key system encryption key, or a value computed from them is used.

[0036] The client means 1 holds the authentication ticket 5 used in the use approval procedure. The authentication server means 2 issues it to the client means 1: the authentication server means 2 takes as collation information the result of performing the irreversible arithmetic operation f n times on the confidential information 4 (n is the number of effective uses of the authentication ticket), adds an authenticator to this, and generates the authentication ticket 5. The authenticator is added to prevent alteration of the authentication ticket and to prove its issuer, and a message authentication code, a digital signature, etc. can be used for it.

[0037] In the use approval procedure between the client means 1 and the approval server means 3, the result of the client means 1 performing the irreversible arithmetic operation f n-k times on the confidential information 4 (k is the use count of the authentication ticket in the use approval procedure) is used as the presentation information 6. As long as the irreversible arithmetic operation f has sufficiently safe irreversibility, output length, and randomness, a third party who does not know the confidential information 4 cannot compute this presentation information 6, so presenting it shows that the presenter is a valid user who knows the confidential information 4. Since earlier presentation information carries a larger number of applications of the irreversible arithmetic operation f, the next presentation information cannot be computed from this presentation information 6 either, and so there is no need for encryption.
[0038] The client means 1 sends the authentication ticket 7 it currently holds and this presentation information 6 to the approval server means 3. The approval server means 3 verifies the authenticator included in the authentication ticket 7, and checks that the result of performing the irreversible arithmetic operation f k times on the presentation information 6 coincides with the collation information included in the authentication ticket 7; if it judges these valid, it returns the approval notice 8.

[0039] By this method, the client means 1 can obtain use approval up to n times using the authentication ticket 7, without revealing the confidential information 4 to any third party, including the approval server means 3.

[0040] Thus, the authentication system of this embodiment is provided with the following:

a client means that holds an authentication ticket whose number of effective uses is n (n is a positive integer), presents it, and requests use approval; and

an approval server means that in response requests presentation information, compares it with said authentication ticket, and carries out use approval.

[0041]Besides the collation information, said authentication ticket may include a ticket identifier, the valid use count, the date of issue, a server identifier and other information, and an authenticator is attached to it. The collation information is the result of applying a predetermined irreversible operation n times to the confidential information shared by the issuer of the authentication ticket and the client means. Said presentation information is the result of applying the predetermined irreversible operation n-k times to said confidential information, where k is the use count of the authentication ticket (k a positive integer not exceeding n).

[0042]With such a configuration, a single-sign-on type authentication method and authentication system are obtained which need no cipher processing on the client side, manage the use count of an authentication ticket easily, and eliminate double use.

[0043](Second embodiment) In the authentication system of the second embodiment, a client means presents authentication presentation information to the authentication server means 12 and requests an authentication ticket.

[0044]As shown in drawing 2, this authentication system comprises a client means 11 having a user interface, an authentication server means 12 which performs user authentication, and an approval server means 3 which judges the access permission of the client means 11 and grants use approval; the client means 11, the authentication server means 12 and the approval server means 3 are connected by a wired or wireless communication network. This approval server means 3 is the same as that of the first embodiment (drawing 1). The authentication ticket returned from the authentication server means 12 to the client means 11, the presentation information and authentication ticket which the client means 11 transmits to the approval server means 3, and the notice 8 of approval returned from the approval server means 3 to the client means 11 are also the same as in the first embodiment (drawing 1).

[0045]The client means 11 and the authentication server means 12 of this authentication system share, as the confidential information 14, the result of applying the irreversible operation f once to the concatenation of the password PW entered via the user interface and a random number R obtained from the authentication server means 12. Provided that the irreversible operation f is sufficiently one-way, has a sufficiently long output and behaves randomly, a third party who does not know the password PW cannot compute this confidential information 14.

[0046]In the user authentication procedure between the client means 11 and the authentication server means 12, the authentication server means 12 generates a random number, presents it, and requires authentication presentation information from the client means 11. The client means 11 computes the confidential information 14 by applying the irreversible operation f once to the concatenation of the password PW and the random number R obtained from the authentication server means 12, applies f a further n times to this confidential information 14 (n+1 times in total, where n is the valid use count of the authentication ticket), and sends the result to the authentication server means 12 as the authentication presentation information 13.

[0047]The authentication server means 12, for its part, applies the irreversible operation f n times to its own copy of the confidential information 14 and checks that the result agrees with the authentication presentation information 13. If it does, the server uses that result as the collation information, attaches an authenticator to it and returns the authentication ticket 5. The client means 11 holds this ticket for use in the use approval procedure. The authenticator is attached to prevent alteration of the authentication ticket and to prove its issuer; a message authentication code, a digital signature or the like can be used.

[0048]In the use approval procedure between the client means 11 and the approval server means 3, the client means 11 uses as the presentation information 6 the result of applying the irreversible operation f to the confidential information 14 n-k times, where k is the use count of the authentication ticket in the use approval procedure. Provided that the irreversible operation f is sufficiently one-way, has a sufficiently long output and behaves randomly, a third party who does not know the confidential information 14 cannot compute this presentation information 6, so presenting it shows that the presenter is a legitimate user who knows the confidential information 14. Because each presentation is the result of applying f more times than the one that follows it, the next presentation information cannot be computed from the current presentation information 6, and there is therefore no need to encrypt it.

[0049]The client means 11 sends the authentication ticket 7 it holds, together with this presentation information 6, to the approval server means 3. The approval server means 3 verifies the authenticator included in the authentication ticket 7, applies the irreversible operation f to the presentation information 6 k times, and checks that the result agrees with the collation information included in the authentication ticket 7. If both checks pass, it returns the notice 8 of approval.

[0050]By this method, the client means 11 can obtain use approval up to n times with the authentication ticket 7 without revealing the confidential information 14 or the password PW to any third party, including the approval server means 3.

[0051]Thus, in the authentication system of this embodiment, the authentication server means generates a random number in the user authentication procedure, presents it, and requires authentication presentation information from the client means. The confidential information used here is the result of applying a predetermined irreversible operation once or more to the concatenation of the user authentication information and the random number, and the result of applying the predetermined irreversible operation n times to this confidential information is presented as the authentication presentation information.

[0052]With such a configuration, in addition to the effect of the first embodiment, cipher processing on the client side becomes unnecessary in the user authentication procedure as well, and a single-sign-on type authentication method and authentication system are obtained in which the data processing for the authentication presentation information and the data processing for the presentation information can be shared.

[0053](Third embodiment) As shown in drawing 3, in the authentication system of the third embodiment a random number for authentication generated by the client means 21 is shared between the client means 21 and the authentication server means 22 as the confidential information 24.

[0054]In this system, in the user authentication procedure, the authentication server means 22 generates a random number, presents it, and requires authentication presentation information from the client means 21. The client means 21 computes the exclusive OR of (a) the result of applying the irreversible operation f once to the concatenation of the password PW and the random number R obtained from the authentication server means 22 and (b) the confidential information 24 which the client means 21 generated in secret, and sends it to the authentication server means 22 as the authentication presentation information 23. In drawing 3 the sign "@" denotes the exclusive OR (EXOR) operation.

[0055]The authentication server means 22, for its part, works backwards from the authentication presentation information 23, the password PW and the random number R to obtain the confidential information 25. It then applies the irreversible operation f n times to this confidential information 25, uses the result as the collation information, attaches an authenticator to it and returns the authentication ticket 5 to the client means 21. The client means 21 holds this ticket for use in the use approval procedure.

[0056]Suppose the authentication presentation information 23 was fabricated by a third party who is not a legitimate user. Even if that party can obtain the authentication ticket 5 through the client means 21, it does not know the confidential information 25 which the server recovered from the authentication presentation information 23 using the password PW and the random number R. The unauthorized access is therefore rejected in the subsequent use approval procedure.

[0057]In the use approval procedure between the client means 21 and the approval server means 3, the client means 21 uses as the presentation information 6 the result of applying the irreversible operation f to the confidential information 24 n-k times, where k is the use count of the authentication ticket in the use approval procedure. Provided that the irreversible operation f is sufficiently one-way, has a sufficiently long output and behaves randomly, a third party who does not know the confidential information 24 cannot compute this presentation information 6, so presenting it shows that the presenter is a legitimate user who knows the confidential information 24. Because each presentation is the result of applying f more times than the one that follows it, the next presentation information cannot be computed from the current presentation information 6, and there is therefore no need to encrypt it.

[0058]The client means 21 sends the authentication ticket 7 it holds, together with this presentation information 6, to the approval server means 3. The approval server means 3 verifies the authenticator included in the authentication ticket 7, applies the irreversible operation f to the presentation information 6 k times, and checks that the result agrees with the collation information included in the authentication ticket 7. If both checks pass, it returns the notice 8 of approval.

[0059]By this method, the client means 21 can obtain use approval up to n times with the authentication ticket 7 without revealing the confidential information 24 or the password PW to any third party, including the approval server means 3.

[0060]Thus, in the authentication system of this embodiment, the authentication server means generates a random number in the user authentication procedure, presents it, and requires authentication presentation information from the client means. The authentication presentation information is the exclusive OR of the result of applying a predetermined irreversible operation once or more to the concatenation of the user authentication information and said random number, and the random number for authentication (the confidential information) generated by the client means; the authentication server means recovers this confidential information from the authentication presentation information.

[0061]With such a configuration, the collation information included in an authentication ticket becomes independent of the user authentication information. There is therefore no possibility that the user authentication information can be guessed from an authentication ticket, and a more secure single-sign-on type authentication method and authentication system are obtained.
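The exchange of the third embodiment, as an added example that is not the patent's own code. SHA-256 stands in both for the irreversible operation f and for the hash of PW concatenated with R, HMAC-SHA256 under a key shared by the issuer and the approval server stands in for the authenticator, and the ticket layout (n, collation information, authenticator) and all function names are assumptions made here. The example shows the XOR recovery of [0054] and [0055], the rejected forgery of [0056], and the password independence of the collation information claimed in [0061].

```python
"""Third embodiment (drawing 3): client-chosen secret masked with f(PW || R).
Added example, not the patent's code; f = H = SHA-256 and HMAC-SHA256
as authenticator are assumptions made here."""
import hashlib
import hmac
import os

TAG_LEN = 32


def f(x: bytes) -> bytes:          # the irreversible operation f
    return hashlib.sha256(x).digest()


def f_times(x: bytes, n: int) -> bytes:   # f applied n times
    for _ in range(n):
        x = f(x)
    return x


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):           # the mask must be exactly as long as the secret
        raise ValueError("XOR operands differ in length")
    return bytes(p ^ q for p, q in zip(a, b))


def mask(pw: bytes, r: bytes) -> bytes:   # f applied once to PW || R
    return f(pw + r)


def client_present(pw: bytes, r: bytes, secret: bytes) -> bytes:
    """Client means 21: presentation information 23 = f(PW || R) XOR secret (24)."""
    return xor(mask(pw, r), secret)


def server_issue(pw: bytes, r: bytes, presentation: bytes, n: int, key: bytes) -> bytes:
    """Authentication server means 22: recover the secret, issue the ticket."""
    recovered = xor(presentation, mask(pw, r))              # confidential information 25
    body = n.to_bytes(2, "big") + f_times(recovered, n)     # n || collation information
    return body + hmac.new(key, body, hashlib.sha256).digest()   # || authenticator


def collation_of(ticket: bytes) -> bytes:
    return ticket[2:-TAG_LEN]


def approve(ticket: bytes, presentation6: bytes, k: int, key: bytes) -> bool:
    """Approval server means 3: k-th use, presentation6 should be f^(n-k)(secret)."""
    body, tag = ticket[:-TAG_LEN], ticket[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        return False                                        # altered or foreign ticket
    n = int.from_bytes(body[:2], "big")
    if not 1 <= k <= n:
        return False
    return hmac.compare_digest(f_times(presentation6, k), body[2:])


def demo(n: int = 4) -> dict:
    """Constructed run: honest uses, a forged presentation, and two passwords."""
    key, pw, r = os.urandom(32), b"hunter2", os.urandom(16)
    secret = os.urandom(32)                                  # confidential information 24
    ticket = server_issue(pw, r, client_present(pw, r, secret), n, key)
    honest = [approve(ticket, f_times(secret, n - k), k, key) for k in range(1, n + 1)]
    # [0056]: a party without PW submits random bytes as presentation information 23.
    # It receives a ticket, but the secret the server recovered from it is unknown
    # to the forger, so the best it can do is treat its own bytes as the secret.
    forged = os.urandom(32)
    forged_ticket = server_issue(pw, r, forged, n, key)
    forged_ok = approve(forged_ticket, f_times(forged, n - 1), 1, key)
    # [0061]: same secret and R under a different password gives the same collation.
    other = b"other-password"
    other_ticket = server_issue(other, r, client_present(other, r, secret), n, key)
    return {"honest": honest, "forged_accepted": forged_ok,
            "collation_independent_of_pw": collation_of(ticket) == collation_of(other_ticket)}
```

Two points the code makes concrete. The XOR mask is a one-time pad, so f(PW || R) must be as long as the client's secret; with a 256-bit hash the secret is 32 bytes and `xor` refuses anything else. And the independence shown in the last step holds for a party that sees only the ticket, such as the approval server; an observer who also captured R and the presentation information 23 from the authentication exchange can recompute f(guess || R) XOR 23 for a candidate password and compare f applied n times to it with the collation information, so the statement of [0061] is about the ticket by itself.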

[0062](Fourth embodiment) The fourth embodiment describes a concrete communication procedure for the authentication system of the second embodiment and the block configuration of each means which carries it out.

[0063]Drawing 4 is a protocol sequence diagram of the protocol in this system. In drawing 4, 31 is a client means having a user interface, 32 is an authentication server means which performs user authentication, and 33 is an approval server means which judges access permission and grants use approval; the sign "S(K|-)" denotes the authenticator attachment function using the key K.

[0064]In the user authentication procedure between the client means 31 and the authentication server means 32, the client means 31 first sends an authentication request Authenticate Request 301, carrying the user identifier UID and the server identifier SID entered via the user interface, to the authentication server means 32. The authentication request Authenticate Request 301 may also carry the valid use count n of the authentication ticket; if it does not, the authentication server simply uses a fixed valid use count n.

[0065]The authentication server means 32 replies with an authentication challenge Challenge 302 carrying a random number R0 generated so that it differs every time. On receiving it, the client means 31 returns an authentication challenge response Response 303 carrying the result of applying n+1 stages of the hash operation H to the concatenation of the password PW entered via the user interface and the random number R0. The authentication server means 32 compares the (n+1)-stage hash result in the challenge response Response 303 with the (n+1)-stage hash result it computed itself; if they agree, it accepts the client as legitimate and returns an authentication ticket Ticket 304 consisting of a newly generated ticket identifier TID, the (n+1)-stage hash result, a time stamp TS0, the server identifier SID and the issuer identifier IID denoting the authentication server 32 itself, with an authenticator attached. The client means 31 holds this ticket for use in the use approval procedure.

[0066]In the use approval procedure between the client means 31 and the approval server means 33, the client means 31 sends an approval request Authorize Request together with the authentication ticket Ticket 305 to the approval server means 33. The approval request Authorize Request may also carry the user identifier UID. The approval server means 33 replies with an approval challenge Challenge 306 carrying a value k based on the use count of this authentication ticket. On receiving it, the client means 31 returns an approval challenge response Response 307 carrying the result of applying n-k+1 stages of the hash operation H to the concatenation of the password PW and the random number R0.

[0067]Provided that the hash operation H is sufficiently one-way, has a sufficiently long output and behaves randomly, a third party who does not know the password PW and the random number R0 cannot compute this hash result, so the hash result shows that the presenter is a legitimate user who knows the password PW. Because each response is the result of more hash stages than the one that follows it (the chain is walked backwards), the next hash result cannot be computed from the current one, and there is therefore no need to encrypt it. Algorithms such as MD5 and SHA can be used as the hash operation H, for example.

[0068]The approval server means 33, for its part, applies k further stages of the hash operation to the (n-k+1)-stage hash result in the approval challenge response Response 307 and compares the result with the (n+1)-stage hash result in the authentication ticket Ticket; if they agree, it accepts the client as legitimate and returns a notice of approval Result of approval 308. The notice 308 of approval may at the same time carry the information Info to which access was permitted by the use approval.

[0069]By the above protocol sequence, the client means 31 can obtain use approval up to n times with the authentication ticket 304 without revealing the password PW to any third party, including the approval server means 33.
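The protocol sequence of drawing 4 as a complete exchange between the three means, as an added example that is not the patent's own code. It covers messages 301 to 308 of [0064] to [0069] and, since this sequence is the concrete form of the second embodiment ([0062]), it also serves as the worked example for the abstract procedure of the first and second embodiments ([0037] to [0042] and [0045] to [0052]). Assumptions made here: H is SHA-256 (chosen over the MD5 the text also mentions, which is deprecated for new designs); S(K|-) is HMAC-SHA256 under a key K that the authentication server shares with the approval server; the ticket carries the valid use count n, as the field list in [0085] does; the fixed struct layout, the dict messages and all class and function names are this example's own, standing in for a wire format the patent does not fix.

```python
"""Drawing-4 protocol (fourth embodiment), as an added example; not the patent's own
code. Assumed here: H is SHA-256, S(K|-) is HMAC-SHA256 under a key K shared by the
authentication and approval servers, and the ticket is a fixed struct layout."""
import hashlib, hmac, os, struct

TICKET_FMT = "!4sHQ16s8s32s"   # TID, n, TS0, SID, IID, (n+1)-stage hash value

def H(data: bytes) -> bytes:   # hash operation H
    return hashlib.sha256(data).digest()

def H_stages(data: bytes, stages: int) -> bytes:   # multi-stage hash means 317/325/336
    for _ in range(stages):
        data = H(data)
    return data

def S(key: bytes, body: bytes) -> bytes:   # authenticator function S(K|-)
    return hmac.new(key, body, hashlib.sha256).digest()

class AuthServer:   # authentication server means 32
    def __init__(self, users: dict, key: bytes, default_n: int = 5):
        self.users, self.key, self.default_n = users, key, default_n   # UID -> PW
        self.pending, self.next_tid = {}, 1

    def challenge(self, req: dict):   # Authenticate Request 301 -> Challenge 302
        if req["UID"] not in self.users:
            return None
        r0 = os.urandom(16)                  # fresh random number for every authentication
        self.pending[req["UID"]] = (r0, req.get("n", self.default_n), req["SID"])
        return {"R0": r0}

    def issue(self, uid: bytes, resp: dict, now: int):   # Response 303 -> Ticket 304
        r0, n, sid = self.pending.pop(uid)
        if not hmac.compare_digest(H_stages(self.users[uid] + r0, n + 1), resp["hash"]):
            return None                      # (n+1)-stage hash of PW||R0 did not match
        tid, self.next_tid = struct.pack("!I", self.next_tid), self.next_tid + 1
        body = struct.pack(TICKET_FMT, tid, n, now, sid, b"AS-32", resp["hash"])
        return body + S(self.key, body)      # ticket = fields || authenticator

class ApprovalServer:   # approval server means 33
    def __init__(self, sid: bytes, key: bytes, validity: int = 3600):
        self.sid, self.key, self.validity = sid, key, validity
        self.used, self.pending = {}, {}     # TID -> uses consumed (ticket use management 335)

    def challenge(self, ticket: bytes, now: int):   # Ticket 305 -> Challenge 306 (k)
        body, tag = ticket[:-32], ticket[-32:]
        if not hmac.compare_digest(tag, S(self.key, body)):      # authenticator verification
            return None
        tid, n, ts0, sid, _iid, top = struct.unpack(TICKET_FMT, body)
        if sid.rstrip(b"\0") != self.sid or not 0 <= now - ts0 <= self.validity:
            return None                      # wrong server or outside the validity period
        k = self.used.get(tid, 0) + 1
        if k > n:
            return None                      # all n uses already consumed
        self.pending[tid] = (k, top)
        return {"k": k}

    def approve(self, tid: bytes, response: bytes):   # Response 307 -> Result 308
        k, top = self.pending.pop(tid, (0, b""))
        if k and hmac.compare_digest(H_stages(response, k), top):   # k more stages reach the ticket value
            self.used[tid] = k
            return {"Result": "approved", "k": k}
        return None

class Client:   # client means 31
    def __init__(self, uid: bytes, pw: bytes, sid: bytes):
        self.uid, self.pw, self.sid = uid, pw, sid
        self.secret = self.ticket = self.n = None

    def authenticate(self, auth: AuthServer, n: int, now: int) -> bool:
        chal = auth.challenge({"UID": self.uid, "SID": self.sid, "n": n})
        self.secret = H(self.pw + chal["R0"])                   # hash value 3109, kept secret
        self.ticket, self.n = auth.issue(self.uid, {"hash": H_stages(self.secret, n)}, now), n
        return self.ticket is not None

    def authorize(self, appr: ApprovalServer, now: int):
        chal = appr.challenge(self.ticket, now)
        if chal is None:
            return None
        response = H_stages(self.secret, self.n - chal["k"])    # n-k+1 stages in total
        return appr.approve(self.ticket[:4], response)

def run_demo(n: int = 3) -> dict:   # constructed run over the checks above
    key, sid, t0 = os.urandom(32), b"file-server", 1_700_000_000
    auth, appr = AuthServer({b"alice": b"correct horse"}, key), ApprovalServer(sid, key)
    out = {"wrong_pw_rejected": not Client(b"alice", b"wrong", sid).authenticate(auth, n, t0)}
    alice = Client(b"alice", b"correct horse", sid)
    alice.authenticate(auth, n, t0)
    bad = bytes([alice.ticket[0] ^ 1]) + alice.ticket[1:]     # one bit of the TID altered
    out["tampered_rejected"] = appr.challenge(bad, t0) is None
    out["expired_rejected"] = appr.challenge(alice.ticket, t0 + 3601) is None
    first = H_stages(alice.secret, n - 1)                       # genuine k=1 response
    appr.challenge(alice.ticket, t0)
    appr.approve(alice.ticket[:4], first)                       # k=1: accepted
    appr.challenge(alice.ticket, t0)                            # k=2 now
    out["replay_rejected"] = appr.approve(alice.ticket[:4], first) is None
    alice2 = Client(b"alice", b"correct horse", sid)
    alice2.authenticate(auth, n, t0)
    out["granted"] = [alice2.authorize(appr, t0 + i) is not None for i in range(n + 1)]
    return out
```

`run_demo()` returns the outcome of each check: n approvals granted and the (n+1)th refused, a wrong password refused a ticket, an altered ticket and an expired ticket refused a challenge, and a captured k=1 response refused when replayed against the k=2 challenge. The replay result is why [0067] says no encryption is needed: k more stages applied to an older response overshoot the (n+1)-stage value in the ticket. It also shows that the limit of n uses rests on the approval server's own use counter, not on the secrecy of the responses, so that counter has to be kept reliably for the life of the ticket.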

[0070]The configuration of an authentication system with such a protocol sequence is described with reference to the functional block diagram of drawing 5.

[0071]In drawing 5, 31 is a client means having a user interface, 32 is an authentication server means which performs user authentication, and 33 is an approval server means which judges access permission and grants use approval.

[0072]The client means 31 comprises the following.

A first transmission and reception means 311 which transmits and receives data.
An input means 312 which obtains input from the user.
A hash means 313 which concatenates two inputs and performs the hash operation H.
A ticket holding means 314 which holds the received authentication ticket.
A processing selecting means 315 which selects the processing according to whether an authentication ticket is held.
A secret memory means 316 which stores a hash result in secret.
A multi-stage hash means 317 which performs the hash operation for a given number of stages, or for a number of stages equal to the difference of two given values.

[0073]Depending on the kind of communication network, the first transmission and reception means 311 may comprise, for example, a LAN interface device such as a LAN card, a telephone interface device such as an ISDN interface device such as a terminal adapter or a modem, a wireless interface device such as a portable data communication card or a PIAFS card, or an infrared interface device such as an IrDA module, and may select among these according to the communication partner. The input means 312 comprises, for example, a character input device such as a keyboard or ten-key pad, a pointing device such as a mouse, trackball or pen tablet, selection buttons, a combination of a dial and a display screen, or a touch panel. The hash means 313 is constituted, for example, by combining a logic circuit with an arithmetic circuit incorporating the algorithm of the hash operation H. A memory circuit is used for the ticket holding means 314, for example. A logic circuit can be used for the processing selecting means 315, for example. The secret memory means 316 is constituted by a tamper-resistant memory device such as an IC card, for example. The multi-stage hash means 317 is constituted, for example, by an arithmetic circuit incorporating the algorithm of the hash operation H with its output fed back to its input, a counter which counts the number of stages, and an arithmetic circuit which computes the difference of two values. Each of the above means may be realized by a computer program on a microcomputer or a general-purpose computer, or the computer program may be recorded on a program recording medium in readable form and realized in combination with a reader of that medium.
[0074]The authentication server means 32 comprises the following.
A second transmission and reception means 321 which transmits and receives data.
An authentication clock means 322 which keeps the current time.
An authentication information storage means 323 which stores user authentication information such as passwords.

A random number generating means 324 which generates a random number for every user authentication.
A second multi-stage hash means 325 which performs the hash operation H for one stage more than the given number of stages.
An authentication collation means 326 which compares two multi-stage hash values.
A ticket identifier creating means 327 which generates a unique ticket identifier for every authentication ticket issued.
An authenticator attaching means 328 which generates an authenticator and attaches it to an authentication ticket.

[0075]Depending on the kind of communication network, the second transmission and reception means 321 comprises, for example, a LAN interface device such as a LAN card, a telephone interface device such as an ISDN interface device such as a terminal adapter or a modem, a wireless interface device such as a portable data communication card or a PIAFS card, or an infrared interface device such as an IrDA module. A timer counter is used for the authentication clock means 322, for example. The authentication information storage means 323 comprises a mass storage device, preferably one which is tamper-resistant. The random number generating means 324 comprises, for example, an arithmetic circuit incorporating a random number generation algorithm, or a converter which digitizes electromagnetic noise. The second multi-stage hash means 325 is constituted, for example, by an arithmetic circuit incorporating the algorithm of the hash operation H with its output fed back to its input, together with a counter which counts the number of stages. The authentication collation means 326 comprises a comparison circuit, for example. The ticket identifier creating means 327 comprises a counter circuit of sufficient bit length, for example. The authenticator attaching means 328 comprises an arithmetic circuit and a memory circuit incorporating an authenticator generation algorithm. Each of the above means may be realized by a computer program on a microcomputer or a general-purpose computer, or the computer program may be recorded on a program recording medium in readable form and realized in combination with a reader of that medium.

[0076]The approval server means 33 comprises the following.

A third transmission and reception means 331 which transmits and receives data.
An approval clock means 332 which keeps the current time.
An authenticator verifying means 333 which verifies the authenticator attached to an authentication ticket.
A ticket validity judging means 334 which judges the validity of an authentication ticket.
A ticket use management means 335 which records the ticket identifier and valid use count of an authentication ticket and manages the number of uses remaining.
A third multi-stage hash means 336 which performs the hash operation H for a given number of stages.
An approval collation means 337 which compares two multi-stage hash values.

[0077]Depending on the kind of communication network, the third transmission and reception means 331 comprises, for example, a LAN interface device such as a LAN card, a telephone interface device such as an ISDN interface device such as a terminal adapter or a modem, a wireless interface device such as a portable data communication card or a PIAFS card, or an infrared interface device such as an IrDA module. A timer counter is used for the approval clock means 332, for example. The authenticator verifying means 333 comprises an arithmetic circuit and a memory circuit incorporating an authenticator verification algorithm. The ticket validity judging means 334 is constituted by a combination of comparison circuits, for example. The ticket use management means 335 is constituted by a combination of an arithmetic circuit which counts uses and a mass storage device. The third multi-stage hash means 336 consists, for example, of the same arithmetic circuit as the second multi-stage hash means 325 with a different preset value of the counter. The approval collation means 337 comprises a comparison circuit, for example. Each of the above means may be realized by a computer program on a microcomputer or a general-purpose computer, or the computer program may be recorded on a program recording medium in readable form and realized in combination with a reader of that medium.

[0078]The operation of the authentication method and authentication system configured as described above is explained below with reference to drawing 6. The case in which the authentication request Authenticate Request 301 carries the valid use count n of the authentication ticket is explained here.

[0079]First, in the client means 31, the user identifier UID denoting the user, the password PW for user authentication registered beforehand in the authentication server means 32, the server identifier SID of the target for which use approval is sought, and the valid use count n of the authentication ticket are entered into the input means 312 as the user input 300 (ST3101, ST3104). The input means 312 holds the user input 300 temporarily, extracts the server identifier 3101 and sends it to the ticket holding means 314. The ticket holding means 314 searches for authentication ticket data corresponding to the server identifier 3101 (ST3102) and sends a search result notice 3102 to the processing selecting means 315. When the search result notice 3102 indicates that no such ticket is held, the processing selecting means 315 sends user authentication procedure start information 3103 to said input means 312 and the multi-stage hash means 317; when it indicates that a ticket is held (ST3103), it sends use approval procedure start information 3104 to said ticket holding means 314, the secret memory means 316 and the multi-stage hash means 317.

[0080]When given the user authentication start information 3103, said input means 312 sends the set 3105 of user identifier, server identifier and valid use count extracted from the temporarily held user input 300 to the authentication server means 32 as the authentication request Authenticate Request 301 via the first transmission and reception means 311 (ST3105), sends the valid use count 3106 to the multi-stage hash means 317, and sends the password 3107 to the hash means 313.

[0081]In the authentication server means 32, the authentication request Authenticate Request 301 is received by the second transmission and reception means 321; the extracted user identifier 3201 is sent to the authentication information storage means 323, the valid use count 3202 to the second multi-stage hash means 325 and the authenticator attaching means 328, and the server identifier 3203 to the authenticator attaching means 328 (ST3201). The authentication information storage means 323 searches for the password corresponding to the user identifier 3201 (ST3202) and, if one exists, sends the password 3204 to the second multi-stage hash means 325 (ST3203); the search result notice 3205 is sent to the random number generating means 324 and the second multi-stage hash means 325.

[0082]When the search result notice 3205 indicates that the password exists, the random number generating means 324 newly generates a random challenge number 3206 for randomizing the data, sends it to the second multi-stage hash means 325, and also sends it to the client means 31 as the authentication challenge Challenge 302 via the second transmission and reception means 321 (ST3204). Likewise, when the search result notice 3205 indicates that the password exists, the second multi-stage hash means 325 applies the hash operation H to the concatenation of the password 3204 and the challenge random number 3206 for one stage more than the valid use count 3202, and sends the resulting multi-stage hash value 3207 to the authentication collation means 326 (ST3205).

[0083]In the client means 31, the authentication challenge Challenge 302 is received by the first transmission and reception means 311, and the challenge random number 3108 is extracted and sent to the hash means 313 (ST3106). The hash means 313 applies the hash operation H to the concatenation of the password 3107 and the challenge random number 3108 (ST3107) and sends the resulting hash value 3109 to the secret memory means 316 and the multi-stage hash means 317. The secret memory means 316 stores the hash value 3109 in secret and permits only predetermined accesses, namely writing a new value in the user authentication procedure and reading it in the use approval procedure (ST3108). When given the user authentication procedure start information 3103, the multi-stage hash means 317 applies the hash operation H to the hash value 3109 for a number of stages equal to the valid use count 3106 (ST3109) and sends the resulting multi-stage hash value 3114 to the authentication server means 32 as the authentication challenge response Response 303 via the first transmission and reception means 311 (ST3110).

[0084]In the authentication server means 32, the authentication challenge response Response 303 is received by the second transmission and reception means 321, and the multi-stage hash value 3208 is extracted and sent to the authentication collation means 326 (ST3206). The authentication collation means 326 decides whether the multi-stage hash value 3207 and the multi-stage hash value 3208 coincide (ST3207), sends the collation result 3209 to the ticket identifier creating means 327, and passes the multi-stage hash value 3208 unchanged to the authenticator attaching means 328 as the multi-stage hash value 3210. When the collation result 3209 indicates coincidence, the ticket identifier creating means 327 generates a valid ticket identifier 3212 and sends it to the authenticator attaching means 328 (ST3208).

[0085]The authentication clock means 322 keeps the current time and supplies a time stamp 3211 based on it to the authenticator attaching means 328. The authenticator attaching means 328 concatenates the ticket identifier 3212, the multi-stage hash value 3210, the valid use count 3202, the time stamp 3211, the server identifier 3203 and the issuer identifier denoting the authentication server 32 itself, generates an authenticator over them and attaches it, forming the authentication ticket data 3213 (ST3209), and sends it to the client means 31 as the authentication ticket Ticket 304 via the second transmission and reception means 321 (ST3210).

[0086]In the client means 31, the authentication ticket Ticket 304 is received by the first transmission and reception means 311, and the authentication ticket data 3110 is extracted and sent to said ticket holding means 314 (ST3111). Said ticket holding means 314 associates the authentication ticket data 3110 with the server identifier 3101 and holds it (ST3112). When given the use approval procedure start information 3104, it sends the authentication ticket data 3111 as the authentication ticket Ticket 305, together with the approval request Authorize Request, to the approval server means 33 via the first transmission and reception means 311 (ST3113), and extracts the valid use count 3112 from the authentication ticket data and sends it to the multi-stage hash means 317.

[0087]In the approval server means 33, on the other hand, the approval demand Authorize Request accompanied by authentication ticket Ticket305 is received by the 3rd transmission and reception means 331, the authentication ticket data 3301 is taken out, and it is sent to the attestation child verifying means 333 (ST3301). The attestation child verifying means 333 verifies the consistency between the attestation child and the data divisions of the authentication ticket data 3301 other than the attestation child, and sends the verification result 3304 to the ticket effective judging means 334 (ST3304). From the data division, the time stamp 3302 and the server identifier 3303 are taken out and sent to the ticket effective judging means 334, and the ticket identifier 3305, the multi stage hash value 3306, the number of times 3307 of effective, and the publisher identifier 3308 are taken out and sent to the ticket use management tool 335. 

[0088]The approval time check means 332 keeps the current time and supplies the time stamp 3309, based on the current time, to the ticket effective judging means 334. When the verification result 3304 shows no error (ST3305), the ticket effective judging means 334 decides whether the server identifier 3303 coincides with the self-server identifier it holds internally (ST3302, ST3303), and confirms that the difference between the time stamp 3302 and the time stamp 3309 based on the current time is within the predetermined term of validity (ST3306, ST3307); when all of these are true, the ticket effective notice 3310 is sent to the ticket use management tool 335. If this term of validity is set short, security improves but user convenience falls; if it is set long, user convenience improves but security falls, so it should be defined with this balance in mind. For example, when the system is applied to a business-use system in which severe security is not demanded, 8 to 12 hours, which covers one day's office hours, is sufficient; at the shortest, however, the term must cover the communication time between client and server and the time error between their respective time check means. 

[0089]The ticket use management tool 335 manages a ticket list. When the ticket effective notice 3310 is given, it searches the ticket list to investigate whether the ticket identifier 3305 is already registered, that is, whether the ticket has been used before (ST3308). If there is no applicable entry, a group consisting of the ticket identifier 3305, the number of times 3307 of effective, and the number of times available, whose initial value is the number of times 3307 of effective, is added to the ticket list and stored (ST3309, ST3310). At this time the multi stage hash value 3306 and the publisher identifier 3308 may also be stored with it. For this added group, or for the group found by the search, the ticket use management tool 335 reduces the number of times available by one and obtains the using frequency 3311 as the difference between the number of times of effective and the number of times available (ST3311). It sends this to the client means 31 as approval challenge Challenge306 via the 3rd transmission and reception means 331 (ST3312), and also to the 3rd multi stage hash means 336. It passes the multi stage hash value 3306 unchanged to the approval collation means 337 as the multi stage hash value 3312. 

[0090]In the client means 31, on the other hand, approval challenge Challenge306 is received by the 1st transmission and reception means 311, the using frequency 3115 is taken out, and it is sent to the multi stage hash means 317 (ST3114). When the use approval procedure starting information 3104 is given, the multi stage hash means 317 obtains the hash value 3113 from said secret memory measure 316 (ST3115), performs hash operation H on the hash value 3113 for a number of stages equal to the difference between the number of times 3112 of effective and the using frequency 3115 (ST3116), and sends the resulting multi stage hash value 3116 to the approval server means 33 as approval challenge answer Response307 via the 1st transmission and reception means 311 (ST3117). 

[0091]As long as hash operation H is one-way and its result is of sufficient length and random in nature, a third party who does not know the password PW and the random number R0 cannot compute this multi stage hash value 3116, so the multi stage hash value 3116 shows that the sender is a valid user who knows the password PW. Since the multi stage hash value applies hash operation H over many stages, going backward from this multi stage hash value 3116 to the next multi stage hash value (the one with fewer stages) is also impossible, so there is no need for encryption either. Hash operation is generally considered 100 or more times faster than cipher operation, so with a suitable number of stages it can be processed faster than in the case where a cipher is used. 

[0092]In the approval server means 33, on the other hand, approval challenge answer Response307 is received by the 3rd transmission and reception means 331, the multi stage hash value 3313 is taken out, and it is sent to the 3rd multi stage hash means 336 (ST3313). The 3rd multi stage hash means 336 performs hash operation H on the multi stage hash value 3313 for a number of stages equal to the using frequency 3311, and sends the resulting secondary multi stage hash value 3314 to the approval collation means 337 (ST3314). The approval collation means 337 decides whether the multi stage hash value 3312 and the secondary multi stage hash value 3314 coincide (ST3315, ST3316); if true, the notice 3315 of approval is sent to the client means 31 as notice Result of approval 308 via the 3rd transmission and reception means 331 (ST3317), and is received in the client means 31 (ST3118). By this method the client means 31 can obtain use approval up to n times using the authentication ticket 305, without revealing the password PW to any third party, including the approval server means 33. 
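The use approval procedure of paragraphs [0089] to [0092] as an added Python example (not the patent's own code): SHA-256 stands in for hash operation H, which the page does not fix, and the secret, ticket identifier and class names are constructed for illustration.

```python
from __future__ import annotations

import hashlib
import secrets


def hash_h(value: bytes) -> bytes:
    """One stage of hash operation H. SHA-256 is assumed; the page fixes no algorithm."""
    return hashlib.sha256(value).digest()


def multi_stage_hash(value: bytes, stages: int) -> bytes:
    """Hash operation H applied `stages` times (the multi stage hash means)."""
    for _ in range(stages):
        value = hash_h(value)
    return value


class ApprovalServer:
    """Approval server means 33: the ticket use management tool 335, the 3rd multi
    stage hash means 336 and the approval collation means 337."""

    def __init__(self) -> None:
        # Ticket list (ST3309, ST3310): ticket identifier -> [number of times of
        # effective, number of times available, multi stage hash value from the ticket]
        self.ticket_list: dict[bytes, list] = {}

    def challenge(self, ticket_id: bytes, n_effective: int, collation: bytes) -> int:
        """ST3308 to ST3312: register the ticket on first use, consume one use and
        return the using frequency k sent as approval challenge Challenge306.
        Returns -1 when no uses remain (a case the page does not spell out)."""
        entry = self.ticket_list.setdefault(ticket_id, [n_effective, n_effective, collation])
        if entry[1] == 0:
            return -1
        entry[1] -= 1                    # number of times available, reduced by one
        return entry[0] - entry[1]       # k = effective count - available count

    def verify(self, ticket_id: bytes, response: bytes) -> bool:
        """ST3313 to ST3316: apply H k times to the presented value and compare the
        result with the multi stage hash value carried by the ticket."""
        n_effective, available, collation = self.ticket_list[ticket_id]
        k = n_effective - available
        secondary = multi_stage_hash(response, k)            # 3rd multi stage hash means 336
        return secrets.compare_digest(secondary, collation)  # approval collation means 337


class Client:
    """Client means 31: secret memory measure 316 plus multi stage hash means 317."""

    def __init__(self, hash_value: bytes, n_effective: int) -> None:
        self.hash_value = hash_value   # hash value 3113, never leaves the client
        self.n = n_effective           # number of times 3112 of effective

    def respond(self, using_frequency: int) -> bytes:
        """ST3115 to ST3117: H^(n-k) of the secret, sent as Response307."""
        return multi_stage_hash(self.hash_value, self.n - using_frequency)


def issue_ticket(n: int):
    """Stand-in for the authentication server: the ticket carries H^n of the secret.
    The secret and the ticket identifier are constructed sample values."""
    hash_value = hash_h(b"PW-constructed" + b"R0-constructed")
    return b"ticket-id-constructed", hash_value, multi_stage_hash(hash_value, n)


def run_session(n: int, uses: int) -> list[bool]:
    """Issue one ticket valid n times and run `uses` approval procedures in a row."""
    ticket_id, hash_value, collation = issue_ticket(n)
    server, client = ApprovalServer(), Client(hash_value, n)
    results = []
    for _ in range(uses):
        k = server.challenge(ticket_id, n, collation)
        if k < 0:
            results.append(False)        # ticket exhausted
            continue
        results.append(server.verify(ticket_id, client.respond(k)))
    return results


def replay_is_rejected(n: int) -> bool:
    """Why [0091] needs no encryption: a value captured at k=1, namely H^(n-1),
    replayed at k=2 is hashed twice by the server and gives H^(n+1), not H^n."""
    ticket_id, hash_value, collation = issue_ticket(n)
    server, client = ApprovalServer(), Client(hash_value, n)
    k1 = server.challenge(ticket_id, n, collation)
    captured = client.respond(k1)
    first_ok = server.verify(ticket_id, captured)    # legitimate first use succeeds
    server.challenge(ticket_id, n, collation)        # second use: k becomes 2
    return first_ok and not server.verify(ticket_id, captured)
```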

[0093]In the above explanation the client means 31 computes a multi stage hash value at every use approval procedure, but it may instead precompute the multi stage hash values of all numbers of stages at the time of acquiring an authentication ticket and store them in the secret memory measure 316. In that case a tamper-proof memory device of larger capacity is needed as the secret memory measure 316, but the processing time of every use approval procedure can be shortened further. 

[0094]Next, in the authentication system of the 4th embodiment shown in drawing 5, a detailed example of the composition and operation of the attestation child addition means 328 and the attestation child verifying means 333 when a message authentication code is used as the attestation child is explained with reference to drawing 7 and drawing 8. 

[0095]As shown in drawing 7, the attestation child addition means 328 is provided with the following: the self-identifier storage means 328A, which stores the identifier showing the authentication server itself; the data connecting mechanism 328B, which concatenates data; the connection data hash means 328C, which performs hash operation h; the server common key memory measure 328D, which stores as a secret the server common key shared with the authentication server means 31 and the approval server means 32; the common key system cryptographer stage 328E, which performs encryption processing of a common key system; and the attestation child connecting mechanism 328F, which appends an attestation child to data. 

[0096]The self-identifier storage means 328A comprises a memory, for example. The data connecting mechanism 328B can consist of logic circuits, for example. The connection data hash means 328C comprises an arithmetic circuit incorporating the algorithm of hash operation h, for example. Hash operation h may be the same as hash operation H, or may differ. The server common key memory measure 328D comprises a memory, for example, and is preferably a tamper-proof memory device. The common key system cryptographer stage 328E comprises an arithmetic circuit or a dedicated cipher-processing processor incorporating the cryptographic algorithm, for example. As the cryptographic algorithm, DES, Triple DES, etc. can be used here, for example. The attestation child connecting mechanism 328F comprises a logic circuit, for example. 

[0097]As shown in drawing 8, the attestation child verifying means 333 is provided with: the attestation child separating mechanism 333A, which separates an attestation child from data; the 2nd connection data hash means 333B, which performs hash operation h; the 2nd server common key memory measure 333C, which stores as a secret the server common key shared with the authentication server means 31 and the approval server means 32; the 2nd common key system cryptographer stage 333D, which performs encryption processing of a common key system; the data separation means 333E, which separates the data division into its parts; the publisher identifier collation means 333F, which compares a publisher identifier; and the comparison means 333G, which compares and verifies the message authentication code. 

[0098]The attestation child separating mechanism 333A comprises a logic circuit, for example. The 2nd connection data hash means 333B, the 2nd server common key memory measure 333C, and the 2nd common key system cryptographer stage 333D are constituted like 328C, 328D, and 328E in drawing 7, respectively. The data separation means 333E comprises a logic circuit, for example. The publisher identifier collation means 333F comprises a memory circuit and a comparison circuit, for example. The comparison means 333G is constituted by a combination of comparison circuits, for example. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer; alternatively, the program may be recorded on a program recording medium in computer-readable form and realized in combination with a program recording medium reader. 

[0099]The operation of the attestation child addition means 328 and the attestation child verifying means 333 constituted as above is explained. In the attestation child addition means 328, the identifier showing the authentication server itself is first supplied from the self-identifier storage means 328A to the data connecting mechanism 328B as the publisher identifier 328a. The data connecting mechanism 328B arranges, in a predefined order, the number of times 3202 of effective and the server identifier 3203 acquired from the 2nd transmission and reception means 321, the multi stage hash value 3210 obtained from the attestation collation means 326, the time stamp 3211 obtained from the attestation time check means 322, the ticket identifier 3212 obtained from the ticket identifier creating means 327, and the publisher identifier 328a obtained from the self-identifier storage means 328A, concatenates them, and sends the result to the connection data hash means 328C and the attestation child connecting mechanism 328F as the data division 328b. 

[0100]The connection data hash means 328C performs hash operation h on the data division 328b and sends the resulting hash value 328c to the common key system cryptographer stage 328E. The common key system cryptographer stage 328E obtains the server common key 328d from the server common key memory measure 328D, uses it as the encryption key, encrypts the hash value 328c, and sends the result to the attestation child connecting mechanism 328F as the message authentication code 328e. The attestation child connecting mechanism 328F appends the message authentication code 328e to the data division 328b and outputs the authentication ticket data 3213. 

[0101]In the attestation child verifying means 333, the authentication ticket data 3301 is first input to the attestation child separating mechanism 333A, which separates it into the message authentication code 333a and the data division 333b; the message authentication code 333a is sent to the comparison means 333G, and the data division 333b is sent to the 2nd connection data hash means 333B and the data separation means 333E. The 2nd connection data hash means 333B performs hash operation h on the data division 333b and sends the resulting hash value 333c to the 2nd common key system cryptographer stage 333D. The 2nd common key system cryptographer stage 333D obtains the server common key 333d from the 2nd server common key memory measure 333C, uses it as the encryption key, encrypts the hash value 333c, and sends the result to the comparison means 333G as the message authentication code 333e for comparison. The data separation means 333E separates the data division 333b into the time stamp 3302, the server identifier 3303, the ticket identifier 3305, the multi stage hash value 3306, the number of times 3307 of effective, and the publisher identifier 3308, and outputs them; the publisher identifier 3308 is also sent to the publisher identifier collation means 333F. The publisher identifier collation means 333F checks whether the publisher identifier 3308 is an identifier of the authentication server 32 and sends the collated result 333f to the comparison means 333G. The comparison means 333G outputs the verification result 3304 based on whether the collated result 333f shows coincidence and whether the message authentication code 333a and the message authentication code 333e for comparison agree. The verification result 3304 shows no error only when both agree. 

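The attestation child of paragraphs [0099] to [0101] as an added Python example (not the patent's code). The page encrypts h(data) under the server common key with DES or Triple DES; Python's standard library has no block cipher, so HMAC-SHA256 is substituted for that keyed step, and the field encoding, key and sample ticket values are constructed here.

```python
import hashlib
import hmac
import struct

# Field order of the data division 328b. The order is fixed so that the data
# separation means 333E can split the concatenation again.
FIELDS = ("ticket_id", "multi_stage_hash", "n_effective", "time_stamp",
          "server_id", "publisher_id")
INT_FIELDS = ("n_effective", "time_stamp")
MAC_LEN = 32


def pack_data_division(ticket: dict) -> bytes:
    """Data connecting mechanism 328B: length-prefixed concatenation of the fields."""
    out = b""
    for name in FIELDS:
        value = ticket[name]
        if name in INT_FIELDS:
            value = struct.pack(">I", value)
        out += struct.pack(">H", len(value)) + value
    return out


def unpack_data_division(data: bytes) -> dict:
    """Data separation means 333E: split the data division back into its fields."""
    fields, pos = {}, 0
    for name in FIELDS:
        (length,) = struct.unpack_from(">H", data, pos)
        pos += 2
        value = data[pos:pos + length]
        if len(value) != length:
            raise ValueError("truncated data division")
        pos += length
        fields[name] = struct.unpack(">I", value)[0] if name in INT_FIELDS else value
    if pos != len(data):
        raise ValueError("trailing bytes in data division")
    return fields


def make_attestation_child(data: bytes, server_common_key: bytes) -> bytes:
    """328C then 328E: hash operation h over the data division, then the keyed step.
    HMAC-SHA256 replaces the page's encryption of the hash under the common key."""
    digest = hashlib.sha256(data).digest()           # hash value 328c
    return hmac.new(server_common_key, digest, hashlib.sha256).digest()


def add_attestation_child(ticket: dict, server_common_key: bytes) -> bytes:
    """Attestation child addition means 328: outputs authentication ticket data 3213."""
    data = pack_data_division(ticket)
    return data + make_attestation_child(data, server_common_key)   # 328F


def verify_attestation_child(ticket_data: bytes, server_common_key: bytes,
                             authentication_server_id: bytes):
    """Attestation child verifying means 333. Returns (verification result, fields);
    the result is True (no error) only when the MAC matches and the publisher
    identifier is that of the authentication server (333F and 333G)."""
    data, mac = ticket_data[:-MAC_LEN], ticket_data[-MAC_LEN:]     # 333A
    try:
        fields = unpack_data_division(data)                         # 333E
    except (ValueError, struct.error):
        return False, None
    mac_ok = hmac.compare_digest(mac, make_attestation_child(data, server_common_key))
    publisher_ok = fields["publisher_id"] == authentication_server_id   # 333F
    return mac_ok and publisher_ok, fields


# Constructed sample values, not taken from the page.
SERVER_COMMON_KEY = b"server-common-key-constructed"
AUTH_SERVER_ID = b"auth-server-32"
SAMPLE_TICKET = {
    "ticket_id": b"ticket-3212-constructed",
    "multi_stage_hash": hashlib.sha256(b"multi-stage-hash-constructed").digest(),
    "n_effective": 5,
    "time_stamp": 1_000_000,
    "server_id": b"app-server-constructed",
    "publisher_id": AUTH_SERVER_ID,
}


def demo() -> tuple:
    """Issue a ticket and verify it, then show that a raised use counter under the
    old MAC and a ticket from an unknown publisher are both rejected."""
    ticket_data = add_attestation_child(SAMPLE_TICKET, SERVER_COMMON_KEY)
    ok, fields = verify_attestation_child(ticket_data, SERVER_COMMON_KEY, AUTH_SERVER_ID)
    tampered = dict(SAMPLE_TICKET, n_effective=500)
    forged = pack_data_division(tampered) + ticket_data[-MAC_LEN:]   # reuses the old MAC
    tampered_ok, _ = verify_attestation_child(forged, SERVER_COMMON_KEY, AUTH_SERVER_ID)
    foreign = add_attestation_child(dict(SAMPLE_TICKET, publisher_id=b"other"),
                                    SERVER_COMMON_KEY)
    foreign_ok, _ = verify_attestation_child(foreign, SERVER_COMMON_KEY, AUTH_SERVER_ID)
    return ok, fields["n_effective"], tampered_ok, foreign_ok
```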
[0102]Next, in the authentication system of the 4th embodiment of drawing 5, the composition and operation of the attestation child addition means 328 and the attestation child verifying means 333 when a digital signature is used as the attestation child are explained with reference to drawing 9 and drawing 10. Drawing 9 differs from drawing 7 in that, instead of the server common key memory measure 328D and the common key system cryptographer stage 328E, it has the self-secret key memory measure 328G, which stores the public key cryptosystem secret key of the authentication server 32 itself, and the public key system cryptographer stage 328H, which performs encryption processing of a public key system. The self-secret key memory measure 328G can use a memory, for example, and is preferably a tamper-proof memory device. As the public key system cryptographer stage 328H, an arithmetic circuit or a dedicated cipher-processing processor incorporating the cryptographic algorithm can be used, for example. As the cryptographic algorithm, RSA, an elliptic curve cryptosystem, etc. can be used here, for example. 

[0103]Drawing 10 differs from drawing 8 in that, instead of the 2nd server common key memory measure 333C, the 2nd common key system cryptographer stage 333D, and the publisher identifier collation means 333F, it has the server public key accumulation means 333H, which stores one or more public keys of the authentication server means 31, each associated with a server identifier, and the public key system decoding means 333J, which performs decryption processing of a public key cryptosystem, and in that the connections between these are changed. The server public key accumulation means 333H may store not only the public key of the authentication server means 32 but also that of the approval server means 33. As the server public key accumulation means 333H, a memory circuit can be used, for example, and a mass memory device is also acceptable. As the public key system decoding means 333J, an arithmetic circuit or a dedicated cipher-processing processor incorporating the decryption algorithm can be used, for example. It goes without saying that the decryption algorithm used here is the one corresponding to the cryptographic algorithm of the public key system cryptographer stage 328H. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer; alternatively, the program may be recorded on a program recording medium in computer-readable form and realized in combination with a program recording medium reader. 

[0104]The operation of the attestation child addition means 328 and the attestation child verifying means 333 constituted as above is explained. In the attestation child addition means 328, the operation of the self-identifier storage means 328A, the data connecting mechanism 328B, and the connection data hash means 328C is the same as in the case of drawing 7: the data division 328b is supplied to the attestation child connecting mechanism 328F, and the hash value 328c to the public key system cryptographer stage 328H. The public key system cryptographer stage 328H obtains the self-secret key 328f from the self-secret key memory measure 328G, uses it as the encryption key, encrypts the hash value 328c, and sends the result to the attestation child connecting mechanism 328F as the digital signature 328g. The attestation child connecting mechanism 328F appends the digital signature 328g to the data division 328b and outputs the authentication ticket data 3213. 

[0105]In the attestation child verifying means 333, the authentication ticket data 3301 is first input to the attestation child separating mechanism 333A, which separates it into the digital signature 333g and the data division 333b; the digital signature 333g is sent to the public key system decoding means 333J, and the data division 333b is sent to the 2nd connection data hash means 333B and the data separation means 333E. The 2nd connection data hash means 333B performs hash operation h on the data division 333b and sends the resulting hash value 333h to the comparison means 333G. The data separation means 333E separates the data division 333b into the time stamp 3302, the server identifier 3303, the ticket identifier 3305, the multi stage hash value 3306, the number of times 3307 of effective, and the publisher identifier 3308, and outputs them; the publisher identifier 3308 is also sent to the server public key accumulation means 333H. The server public key accumulation means 333H searches whether the publisher identifier 3308 is an identifier of a known authentication server 31 (or approval server 32), sends the collated result 333i to the comparison means 333G, and sends the server public key 333j corresponding to the publisher identifier 3308 to the public key system decoding means 333J. 

[0106]The public key system decoding means 333J uses the server public key 333j as the decryption key, decrypts the digital signature 333g, and sends the result to the comparison means 333G as the hash value 333k for comparison. The comparison means 333G outputs the verification result 3304 based on whether the collated result 333i shows coincidence and whether the hash value 333h and the hash value 333k for comparison agree. The verification result 3304 shows no error only when both agree. 

[0107]Thus, when an authentication system takes the composition of this embodiment, use approval processing can be performed in practical processing time even if the client side is a device with low computation capability. 

[0108](5th embodiment) The 5th embodiment explains a concrete communication procedure in the authentication system of the 3rd embodiment and the block configuration of each means for performing it. 

[0109]Drawing 11 is a protocol sequence diagram showing the protocol of the authentication system in the 5th embodiment. Drawing 11 differs from drawing 4 in the client means 41 with a user interface and in the authentication server means 42 which performs user authentication; the approval server means 33 is unchanged. The differences are these: attestation challenge answer Response401 carries the exclusive OR result (the sign "@" shows EXCLUSIVE OR operation) of the result of applying one stage of hash operation H to the concatenation of the password PW input via the user interface and the random number R0, and the random number S0 for attestation which the client means 41 generated in secrecy; the hash operation result carried by authentication tickets Ticket402 and Ticket403 is the n-stage hash operation result of the random number S0 for attestation; and the hash operation result carried by approval challenge answer Response404 is the (n-k)-stage hash operation result of the random number S0 for attestation. 

[0110]By the above protocol sequence, the client means 41 can obtain use approval up to n times using the authentication ticket 402 without revealing the password PW to any third party including the approval server means 33. Moreover, since the contents of the authentication ticket 402 are unrelated to the password PW, the ticket does not even become a target of attack by a dishonest third party trying to steal the password PW, so safety is higher. 

[0111]The composition of an authentication system with such a protocol sequence is explained with reference to the functional block diagram of drawing 12. 

[0112]In drawing 12 as well, the client means 41 with a user interface and the authentication server means 42 which performs user authentication differ from drawing 5, and the approval server means 33 is unchanged. The client means 41 differs from the client means 31 of drawing 5 in that it has the random number generating means 411 for attestation, which generates a random number for every user authentication processing, and the 1st exclusive OR means 412, which performs bitwise EXCLUSIVE OR operation, and in that part of the connection is changed. The authentication server means 42 differs from the authentication server means 32 of drawing 5 in that, instead of the 2nd multi stage hash means 325 and the attestation collation means 326, it has the 2nd hash means 421, which performs hash operation H, the 2nd exclusive OR means 422, which performs bitwise EXCLUSIVE OR operation, and the 2nd multi stage hash means 423, which performs hash operation H for the given number of stages, and in that part of the connection is changed. As the random number generating means 411 for attestation, an arithmetic circuit incorporating a random number generation algorithm, for example, or an inverter which converts electromagnetic noise into data can be used. As the 1st and 2nd exclusive OR means 412 and 422, a logic circuit can be used, for example. As the 2nd hash means 421, an arithmetic circuit incorporating the algorithm of hash operation H can be used, for example. The 2nd multi stage hash means 423 can be constituted from the same arithmetic circuit as 421 with a connection that feeds its output back to its input, together with a counter or the like that counts the number of stages. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer; alternatively, the program may be recorded on a program recording medium in computer-readable form and realized in combination with a program recording medium reader. 

[0113]The operation of the authentication system constituted as above is explained with reference to drawing 13. Here the case where authentication demand Authenticate Request301 is accompanied by the number of times n of authentication ticket effective is explained. 

[0114]First, in the client means 41 and the authentication server means 42, the operation of the 1st and 2nd transmission and reception means 311 and 321, the input means 312, the ticket holding mechanism 314, the processing selecting means 315, the authentication information storage means 323, and the random number generating means 324 is the same as in the case of drawing 5 and drawing 6: authentication demand Authenticate Request301 and attestation challenge Challenge302 are exchanged, and for the user authentication processing starting information 4101 or the use approval procedure starting information 3104 in the client means 41, the number of times 4201 of effective, the server identifier 3203, the password 3204, the notice 4202 of search results, and the challenge random number 3206 are obtained in the authentication server means 42. It differs, however, in that the user authentication processing starting information 4101 is sent to said input means 312, the random number generating means 411 for attestation, and the 1st exclusive OR means 412; the number of times 4201 of effective is sent to the 2nd multi stage hash means 423 and the attestation child addition means 328; the notice 4202 of search results is sent to the 2nd hash means 421, the random number generating means 324, and the ticket identifier creating means 327; and the challenge random number 3206 is sent to the 2nd hash means 421 as well as to the client means 41 via the 2nd transmission and reception means 321. 

[0115]Next, in the client means 41, when the user authentication processing starting information 4101 is given, the random number generating means 411 for attestation newly generates, at random and in secrecy, the random number 4102 for attestation used as the proof of authentication, and sends it to the 1st exclusive OR means 412 and the secret memory measure 316 (ST4101). The secret memory measure 316 stores the random number 4102 for attestation in secrecy and permits only predetermined access, namely update by addition in the user authentication procedure and reference in the use approval procedure (ST4102). When the user authentication processing starting information 4101 is given, the 1st exclusive OR means 412 performs bitwise EXCLUSIVE OR operation between the hash value 4103 obtained from the hash means 313 and the random number 4102 for attestation, and sends the resulting disturbance hash value 4104 to the authentication server means 42 as attestation challenge answer Response401 via the 1st transmission and reception means 311 (ST4103, ST4104). 

[0116]In the authentication server means 42, on the other hand, attestation challenge answer Response401 is received by the 2nd transmission and reception means 321, the disturbance hash value 4204 is taken out, and it is sent to the 2nd exclusive OR means 422 (ST4202). Meanwhile, when the notice 4202 of search results shows that the user was found, the 2nd hash means 421 performs hash operation H on the concatenation of the password 3204 and the challenge random number 3206, and supplies the resulting hash value 4203 to the 2nd exclusive OR means 422 (ST4201). The 2nd exclusive OR means 422 performs bitwise EXCLUSIVE OR operation between the hash value 4203 obtained from the 2nd hash means 421 and the disturbance hash value 4204, and sends the resulting random number 4205 for attestation to the 2nd multi stage hash means 423 (ST4203). The 2nd multi stage hash means 423 performs hash operation H on the random number 4205 for attestation for a number of stages equal to the number of times 4201 of effective, and sends the resulting multi stage hash value 4206 to the attestation child addition means 328 (ST4204). 

[0117]The subsequent operation of the ticket identifier creating means 327, the attestation time check means 322, and the attestation child addition means 328 is the same as in the case of drawing 4 and drawing 5, except that the ticket identifier creating means 327 uses the notice 4202 of search results instead of the collated result 3209, and the attestation child addition means 328 uses the number of times 4201 of effective and the multi stage hash value 4206 instead of the number of times 3202 of effective and the multi stage hash value 3210. Thus the authentication ticket data 4207, whose contents differ from the authentication ticket data 3213, is obtained (ST4205) and sent to the client means 41 as authentication ticket Ticket402 via the 2nd transmission and reception means 321. 

[0118]In the client means 41, on the other hand, said 1st transmission and reception means 311 and said ticket holding mechanism 314 operate as in the case of drawing 5 and drawing 6: when the use approval procedure starting information 3104 is given, authentication ticket Ticket403 is sent to the approval server means 33 with the approval demand Authorize Request, and the number of times 3112 of effective is supplied to the multi stage hash means 317. 

[0119]The operation of the approval server means 33 in response is the same as in the case of drawing 5 and drawing 6, and approval challenge Challenge306 is returned. 

[0120]In the client means 41, on the other hand, said 1st transmission and reception means 311 and the multi stage hash means 317 operate as in the case of drawing 5 and drawing 6, except that what is obtained from said secret memory measure 316 is the random number 4105 for attestation (ST4105), and the processing is performed on it. Namely, the multi stage hash means 317 performs hash operation H for a number of stages equal to the difference between the number of times 3112 of effective and the using frequency 3115 (ST4106), and sends the resulting multi stage hash value 4106 to the approval server means 33 as approval challenge answer Response404 via the 1st transmission and reception means 311 (ST4107). 

[0121]The multi stage hash value carried by approval challenge answer Response404, which the approval server means 33 obtains in this way, and the multi stage hash value carried by authentication ticket Ticket403 differ from the case of drawing 5 and drawing 6 only in the value being hashed; the operational relation between the former and the latter is maintained. Therefore the operation of the approval server means 33 in response may be the same as in the case of drawing 5 and drawing 6: it checks the relation between the two multi stage hash values, and when it accepts that the relation is correct, notice Result of approval 308 is returned and received in the client means 41. By this method, without revealing the password PW to any third party including the approval server means 33, the client means 41 can obtain use approval up to n times using the authentication ticket 402, which is unrelated to the password PW and therefore of higher safety. 

[0122]Although in the above explanation the client means 41 computes the multi-stage hash value at every use approval procedure, it may instead precompute the multi-stage hash values for all numbers of stages when the authentication ticket is acquired and store them in the secret storage means 316. In that case a larger tamper-proof memory device is needed as the secret storage means 316, but the processing time of each use approval procedure can be shortened further.
[0123]Thus, when an authentication system takes the composition of this embodiment, use approval processing can be performed in practical processing time even if the client side is a device of low computation capability. Since the collation information included in the authentication ticket is unrelated to the user authentication information, the possibility of the user authentication information being guessed from the authentication ticket disappears, and a single sign-on type authentication method and authentication system of higher safety are obtained.
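The following is an added worked example of the fifth embodiment ([0120] to [0123]); it is not code from the patent. The hash chain is anchored on a per-ticket authentication random number rather than on the password, the client presents H^(n-k) of that number at use k, and the approval server applies H^k and collates against the ticket. The optional precomputation of all stages described in [0122] is included. SHA-256 as H, HMAC-SHA256 as the authenticator, a key shared between the two servers, and the way the random number reaches the authentication server are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Added example, not the patent's own code: fifth-embodiment hash-chain ticket.
# Assumptions: SHA-256 for H, HMAC-SHA256 for the authenticator, and a key
# shared between the authentication server and the approval server.


def H(x: bytes) -> bytes:
    """One stage of the irreversible operation H."""
    return hashlib.sha256(x).digest()


def hash_chain(x: bytes, stages: int) -> bytes:
    """Apply H `stages` times; zero stages returns x unchanged."""
    for _ in range(stages):
        x = H(x)
    return x


def authenticator(key: bytes, ticket: dict) -> bytes:
    """Authenticator over the ticket fields (the patent only says 'authenticator')."""
    body = ticket["tid"] + ticket["collation"] + ticket["n"].to_bytes(4, "big") + ticket["issuer"]
    return hmac.new(key, body, hashlib.sha256).digest()


class AuthenticationServer:
    def __init__(self, key: bytes, issuer_id: bytes):
        self.key, self.issuer_id = key, issuer_id

    def issue(self, attestation_random: bytes, n: int) -> dict:
        # Collation information is H^n of the random value, so the ticket carries
        # nothing derived from the password PW.
        ticket = {"tid": secrets.token_bytes(8), "collation": hash_chain(attestation_random, n),
                  "n": n, "issuer": self.issuer_id}
        ticket["auth"] = authenticator(self.key, ticket)
        return ticket


class Client:
    def __init__(self, attestation_random: bytes, ticket: dict, precompute: bool = False):
        self.secret = attestation_random      # kept in the secret storage means 316
        self.ticket = ticket
        # Optional precomputation of every stage: more tamper-proof storage, less time per use.
        self.table = ([hash_chain(attestation_random, s) for s in range(ticket["n"] + 1)]
                      if precompute else None)

    def respond(self, k: int) -> bytes:
        # Present H^(n-k) of the random value. Use k = n presents the random value
        # itself, which is why it must be fresh for every ticket.
        stages = self.ticket["n"] - k
        return self.table[stages] if self.table is not None else hash_chain(self.secret, stages)


class ApprovalServer:
    def __init__(self, key: bytes):
        self.key = key
        self.used = {}                        # tid -> highest use count accepted so far

    def challenge(self, ticket: dict) -> int:
        """Check the authenticator, then hand out the next use count k as the challenge."""
        if not hmac.compare_digest(authenticator(self.key, ticket), ticket["auth"]):
            raise ValueError("authenticator mismatch")
        k = self.used.get(ticket["tid"], 0) + 1
        if k > ticket["n"]:
            raise ValueError("ticket exhausted")
        return k

    def verify(self, ticket: dict, k: int, response: bytes) -> bool:
        """H^k of the presented value must reproduce the collation information."""
        ok = hmac.compare_digest(hash_chain(response, k), ticket["collation"])
        if ok:
            self.used[ticket["tid"]] = k
        return ok


def run_session(n: int = 3, precompute: bool = False) -> list:
    """Drive n use approvals on one ticket and return the collation results."""
    key, seed = secrets.token_bytes(32), secrets.token_bytes(32)   # constructed key and random value
    approval = ApprovalServer(key)
    client = Client(seed, AuthenticationServer(key, b"AS").issue(seed, n), precompute)
    results = []
    for _ in range(n):
        k = approval.challenge(client.ticket)
        results.append(approval.verify(client.ticket, k, client.respond(k)))
    return results


def replay_is_rejected() -> bool:
    """A response captured at use k fails at use k+1: H^(k+1) overshoots the collation value."""
    key, seed = secrets.token_bytes(32), secrets.token_bytes(32)
    approval = ApprovalServer(key)
    client = Client(seed, AuthenticationServer(key, b"AS").issue(seed, 3))
    k = approval.challenge(client.ticket)
    captured = client.respond(k)
    approval.verify(client.ticket, k, captured)
    return not approval.verify(client.ticket, approval.challenge(client.ticket), captured)


if __name__ == "__main__":
    print(run_session(3), replay_is_rejected())
```

Because each accepted response is one stage further down the chain than the previous one, a captured response is useless once the approval server has moved on to the next use count; the server does not need to store any presented values, only the highest k accepted per ticket identifier.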
[0124](A 6th embodiment) In the authentication system of the 6th embodiment, an authentication ticket whose use count has been updated is sent to the client means together with the approval result notice from the approval server.

[0125]Drawing 14 is a protocol sequence diagram showing the protocol of this authentication system. In drawing 14 the client means 51 and the approval server means 53 differ from drawing 4, while the authentication server means 32 is unchanged. The difference is that the updated authentication ticket Ticket501 is sent from the approval server 53 to the client means 51 together with the approval result notice Result308.
[0126]This authentication ticket Ticket501 differs from the authentication ticket 305 in the following points.

[0127]That is, the (n+1)-stage hash operation result in the authentication ticket 305 is replaced by the (n-k+1)-stage hash operation result (k being the use count). The valid count n in the authentication ticket 305 is replaced by the remaining count n-k. The time stamp TS0 is replaced by the new time stamp TSk. The issuer identifier IID is replaced by the server identifier of the approval server 53 itself. A new authenticator is added.
[0128]By this method the client means 51 can obtain use approval up to n times using the authentication ticket 304 or the updated authentication ticket 501, without revealing the password PW to any third party, the approval server means 53 included. Since the time stamp of the authentication ticket is updated each time, the term of validity can be set shorter. The period during which the ticket can become the target of attack by a malicious third party therefore becomes shorter, and safety is higher. Since the approval server means 53 needs to perform only one hash operation, the response time of a use approval procedure can be shortened.

[0129]The composition of an authentication system having such a protocol sequence is explained with reference to drawing 15.

[0130]In drawing 15 the client means 51 and the approval server means 53 differ from drawing 5, while the authentication server means 32 is unchanged. The client means 51 differs from the client means 31 of drawing 5 in that its ticket holding means 511 can also hold the authentication ticket data 5101 of the authentication ticket Ticket501 received from the approval server means 53. The approval server means 53 differs from the approval server means 33 of drawing 5 in that the ticket use management means 531 also outputs the remaining count, a 3rd hash means 532 that performs one stage of the hash operation H is provided instead of the 3rd multi-stage hash means 336, a 2nd authenticator addition means 533 that generates an authenticator and adds it to an authentication ticket is newly provided, and part of the connections is changed.

[0131]As the ticket holding means 511, the same composition as the ticket holding means 314 can be used with connections added. As the ticket use management means 531, the same composition as the ticket use management means 335 can be used with connections added. As the 3rd hash means 532, an arithmetic circuit incorporating the algorithm of the hash operation H can be used, for example. As the 2nd authenticator addition means 533, the same composition as the authenticator addition means 328 can be used. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer, or the computer program may be recorded on a program recording medium in computer-readable form and realized in combination with a reader for that medium.

[0132]The operation of the authentication system constituted as above is explained with reference to drawing 16. Here the case where the authentication request Authenticate Request301 carries the valid count n of the authentication ticket is explained.

[0133]First, the operation of the client means 51 and the authentication server means 32 in the user authentication procedure is the same as in the case of drawing 5 and drawing 6, and eventually the authentication ticket Ticket304 is sent from the authentication server means 32 to the client means 51.

[0134]In the client means 51 the 1st transmission and reception means 311 operates as in the case of drawing 5 and drawing 6, and the ticket holding means 511 operates like the ticket holding means 314 in the case of drawing 5 and drawing 6: the authentication ticket Ticket305 is sent to the approval server means 53 together with the approval request Authorize Request, and the valid count 3112 is taken out of the authentication ticket data and sent to the multi-stage hash means 317.

[0135]In the approval server means 53 the 3rd transmission and reception means 331, the approval time check means 332, the authenticator verifying means 333 and the ticket validity judging means 334 operate as in the case of drawing 5 and drawing 6, and the ticket identifier 3305, the multi-stage hash value 3306, the valid count 3307, the issuer identifier 3308 and the ticket validity notice 3310 are supplied to the ticket use management means 531. The ticket use management means 531 operates almost like the ticket use management means 335 in the case of drawing 5 and drawing 6: the use count 5301 is sent to the client means 51 as the approval challenge Challenge306 via the 3rd transmission and reception means 331, and the multi-stage hash value 3306 is passed unchanged to the approval collation means 337 as the multi-stage hash value 5302. In addition, it outputs the group 5303 of ticket identifier, remaining count and server identifier and sends it to the 2nd authenticator addition means 533.

[0136]The operation of the client means 51 in response is the same as in the case of drawing 5 and drawing 6, and the approval challenge response Response307 is returned for the approval challenge Challenge306.

[0137]In the approval server means 53 the approval challenge response Response307 is received by the 3rd transmission and reception means 331, and the multi-stage hash value 5304 is taken out and sent to the 3rd hash means 532 and the 2nd authenticator addition means 533. The 3rd hash means 532 applies the hash operation H to the multi-stage hash value 5304 and sends the resulting secondary multi-stage hash value 5305, whose number of hash stages is increased by one, to the approval collation means 337 (ST5301). The approval collation means 337 decides whether the multi-stage hash value 5302 and the secondary multi-stage hash value 5305 coincide (ST5302, ST3316) and sends the collation result 5307 to the 2nd authenticator addition means 533.

[0138]The approval time check means 332 keeps the current time and supplies the time stamp 5306 based on the current time to the 2nd authenticator addition means 533. The 2nd authenticator addition means 533 concatenates the group 5303 of ticket identifier, remaining count and server identifier, the multi-stage hash value 5304, the time stamp 5306 and the issuer identifier indicating the approval server 53 itself, generates and adds an authenticator, forms the authentication ticket data 5308 (ST5303), and sends it to the client means 51 as the authentication ticket Ticket501 together with the approval result notice Result308 via the 3rd transmission and reception means 331 (ST5304).

[0139]In the client means 51 the authentication ticket Ticket501 is received by the 1st transmission and reception means 311, sent to the ticket holding means 511 as the authentication ticket data 5101, held (ST5101, ST5102), and used in the next use approval procedure.

[0140]Since the number of stages of the multi-stage hash value carried by the authentication ticket 305 that the client means 51 sends to the approval server means 53 decreases by one at every use approval, the approval server means 53 only has to perform one stage of the hash operation, and the response time can be shortened. Since the time stamp is updated, the term of validity can be set as short as the interval between accesses allows, for example one hour, and safety can be improved without lowering user convenience. By this method the client means 51 can obtain use approval up to n times in a shorter response time using the authentication ticket 305 of higher safety, without revealing the password PW to any third party, the approval server means 53 included.

[0141]Although in the above explanation the client means 51 computes the multi-stage hash value at every use approval procedure, it may instead precompute the multi-stage hash values for all numbers of stages when the authentication ticket is acquired and store them in the secret storage means 316. In that case a larger tamper-proof memory device is needed as the secret storage means 316, but the processing time of each use approval procedure can be shortened further.
[0142]Thus, in the authentication system of this embodiment, the possibility of unauthorized use by a third party can be made smaller, and the response time of use approval can be shortened.
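The following is an added worked example of the sixth embodiment ([0125] to [0142]); it is not code from the patent. The ticket carries H^(n+1) of the client's secret and a remaining count n; at each use the client presents H^(remaining) of the secret, the approval server collates with a single H, and returns a renewed ticket in which the presented value becomes the new collation value, the remaining count drops by one, the time stamp is refreshed and the approval server becomes the issuer. SHA-256 as H, HMAC-SHA256 as the authenticator, a key shared by both servers, and the one-hour lifetime are assumptions; the clock is an integer passed in by the caller so the example runs deterministically.

```python
import hashlib
import hmac
import secrets

# Added example, not the patent's own code: sixth-embodiment renewable ticket.
# Assumptions: SHA-256 for H, HMAC-SHA256 for the authenticator, a key shared
# by the authentication and approval servers, and a caller-supplied clock.


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def hash_chain(x: bytes, stages: int) -> bytes:
    for _ in range(stages):
        x = H(x)
    return x


def seal(key: bytes, fields: dict) -> dict:
    """Return the ticket with an authenticator computed over all of its fields."""
    body = (fields["tid"] + fields["collation"] + fields["remaining"].to_bytes(4, "big")
            + fields["ts"].to_bytes(8, "big") + fields["issuer"])
    return {**fields, "auth": hmac.new(key, body, hashlib.sha256).digest()}


def seal_ok(key: bytes, ticket: dict) -> bool:
    fields = {name: value for name, value in ticket.items() if name != "auth"}
    return hmac.compare_digest(seal(key, fields)["auth"], ticket["auth"])


def issue(key: bytes, secret: bytes, n: int, now: int) -> dict:
    """Authentication server: collation value H^(n+1)(secret), remaining count n, time stamp TS0."""
    return seal(key, {"tid": secrets.token_bytes(8), "collation": hash_chain(secret, n + 1),
                      "remaining": n, "ts": now, "issuer": b"AS"})


def present(secret: bytes, ticket: dict) -> bytes:
    """Client: H^(remaining)(secret), exactly one stage short of the ticket's collation value."""
    return hash_chain(secret, ticket["remaining"])


def approve_and_renew(key: bytes, ticket: dict, response: bytes, now: int,
                      lifetime: int = 3600, server_id: bytes = b"APS1"):
    """Approval server: one H to collate, then the renewed ticket; None on any failure."""
    if not seal_ok(key, ticket):
        return None                                   # authenticator verifying means 333
    if ticket["remaining"] < 1 or now - ticket["ts"] > lifetime:
        return None                                   # validity judging / approval time check
    if not hmac.compare_digest(H(response), ticket["collation"]):
        return None                                   # approval collation means 337
    # Renewal: the presented value becomes the collation value, the remaining count
    # drops by one, the time stamp is refreshed and this server becomes the issuer.
    return seal(key, {"tid": ticket["tid"], "collation": response,
                      "remaining": ticket["remaining"] - 1, "ts": now, "issuer": server_id})


def run_renewal(n: int = 3, start: int = 1000, step: int = 600) -> list:
    """Use a ticket until it is exhausted; return the remaining count after each renewal."""
    key, secret = secrets.token_bytes(32), secrets.token_bytes(32)   # constructed values
    ticket, now, trace = issue(key, secret, n, start), start, []
    while ticket is not None and ticket["remaining"] > 0:
        now += step
        ticket = approve_and_renew(key, ticket, present(secret, ticket), now)
        trace.append(None if ticket is None else ticket["remaining"])
    return trace


def stale_ticket_rejected(lifetime: int = 3600) -> bool:
    """A ticket presented after its (short) lifetime has elapsed is refused."""
    key, secret = secrets.token_bytes(32), secrets.token_bytes(32)
    ticket = issue(key, secret, 3, 0)
    return approve_and_renew(key, ticket, present(secret, ticket), lifetime + 1, lifetime) is None


def tampered_ticket_rejected() -> bool:
    """Raising the remaining count without the key breaks the authenticator."""
    key, secret = secrets.token_bytes(32), secrets.token_bytes(32)
    ticket = issue(key, secret, 1, 0)
    forged = {**ticket, "remaining": 5}
    return approve_and_renew(key, forged, present(secret, forged), 1) is None
```

Because the renewed ticket is re-sealed by the approval server with a fresh time stamp, the lifetime only has to cover the gap between two consecutive accesses rather than the whole life of the chain, which is the point made in [0140].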

[0143](A 7th embodiment) In the authentication system of the 7th embodiment an authentication ticket can be used in common by two or more approval servers.
[0144]Drawing 17 is a protocol sequence diagram showing the protocol of this authentication system. In drawing 17 the client means 61, the authentication server means 62 and the approval server means 63 differ from drawing 4, and an authentication ticket management means 64 is added. The differences are the following. The authentication server means 62, having received the authentication challenge response Response303, sends to the authentication ticket management means 64 an authentication ticket registration instruction Registration601 carrying the ticket identifier TID, the server identifier SID taken out of the authentication request Authenticate Request301, and the valid count n. The approval request Authorize Request602 carries the use count k. The approval server means 63, having received the approval request Authorize Request602 and the authentication ticket Ticket305, sends to the authentication ticket management means 64 an authentication ticket history update instruction Update603 carrying the ticket identifier TID and server identifier SID taken out of them and the use count k, and in response an authentication ticket rejection notice Reject606 is returned when necessary. Instead of the use count k, the approval challenge Challenge604 carries a random number Rk generated so as to differ each time. The approval challenge response Response605 carries the result of applying the hash operation H for n-k+1 stages to the concatenation of the password PW and the random number R0, XORed with Rk.

[0145]By this method the client means 61 can obtain use approval up to n times using the authentication ticket 304 without revealing the password PW to any third party, the approval server means 63 included; and because the use count k sent from the client means 61 is checked by the authentication ticket management means 64, which is independent of the approval server means 63, the authentication ticket 304 can be used in common by two or more approval server means 63.
[0146]The composition of an authentication system having this protocol sequence is explained with reference to drawing 18. In drawing 18 too, the client means 61, the authentication server means 62 and the approval server means 63 differ from drawing 5, and the authentication ticket management means 64 is added. The client means 61 differs from the client means 31 of drawing 5 in that a ticket maintenance management means 611, which holds the authentication ticket and manages the use count k, is provided instead of the ticket holding means 314, a 1st exclusive OR means 612 that performs a bitwise exclusive OR is provided, and part of the connections is changed. The authentication server means 62 differs from the authentication server means 32 of drawing 5 in that a ticket registration instruction means 621 that generates the authentication ticket registration instruction data is provided, and part of the connections is changed.

[0147]The approval server means 63 differs from the approval server means 33 of drawing 5 in that a ticket update instruction means 631, which generates the authentication ticket history update instruction data while holding the ticket identifier and valid count of the authentication ticket, receives the remaining count and supplies each part, is provided instead of the ticket use management means 335; a 2nd random number generating means 632 that generates a random number for every use approval processing and a 2nd exclusive OR means 633 that performs a bitwise exclusive OR are provided; and part of the connections is changed.

[0148]As the ticket maintenance management means 611, the same composition as the ticket holding means 314 with an added adder circuit that computes the use count can be used. As the 1st and 2nd exclusive OR means 612 and 633, a logic circuit can be used, for example. As the ticket registration instruction means 621 and the ticket update instruction means 631, a logic circuit can be used, for example. As the 2nd random number generating means 632, the same composition as the random number generating means 324 can be used. The authentication ticket management means 64 can be constituted by a combination of a communication interface device, a logic circuit that splits and concatenates data, an arithmetic circuit and a comparison circuit that compare use counts, and a mass memory device. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer, or the computer program may be recorded on a program recording medium in computer-readable form and realized in combination with a reader for that medium.
[0149]The operation of the authentication system constituted as above is explained with reference to drawing 19. Here the case where the authentication request Authenticate Request301 carries the valid count n of the authentication ticket is explained.

[0150]First, the operation of the client means 61 and the authentication server means 62 in the user authentication procedure is almost the same as in the case of drawing 5 and drawing 6, and eventually the authentication ticket Ticket304 is sent from the authentication server means 62 to the client means 61. In the client means 61, however, the ticket maintenance management means 611 operates in place of the ticket holding means 314. In the authentication server means 62 the valid count 6201 taken out of the authentication request Authenticate Request301 is sent to the ticket registration instruction means 621 as well as to the multi-stage hash means 325 and the authenticator addition means 328; the server identifier 6202 is sent to the ticket registration instruction means 621 as well as to the authenticator addition means 328; and the ticket identifier 6203 generated by the ticket identifier creating means 327 is sent to the ticket registration instruction means 621 as well as to the authenticator addition means 328.

[0151]The ticket registration instruction means 621 concatenates the ticket identifier 6203, the server identifier 6202 and the valid count 6201 to generate the authentication ticket registration instruction data 6204, and sends it to the authentication ticket management means 64 as the authentication ticket registration instruction Registration601 via the 2nd transmission and reception means 321 (ST6201). The authentication ticket management means 64 manages a ticket list; when it receives the authentication ticket registration instruction Registration601 it searches the ticket list by ticket identifier to check whether the ticket is already registered. If there is no matching entry, the ticket identifier, the valid count, and the remaining count, initially equal to the valid count, are added to the ticket list and stored.

[0152]In the client means 61 the authentication ticket Ticket304 is received by the 1st transmission and reception means 311, and the authentication ticket data 3110 is taken out and sent to the ticket maintenance management means 611. The ticket maintenance management means 611 holds the authentication ticket data 3110 together with the server identifier 3101, and at the same time manages the valid count taken out of the authentication ticket data as the remaining count (ST6101). When the use approval procedure start information 6101 is given, it reduces the remaining count by one (ST6102), obtains the use count 6102 as the valid count taken out of the authentication ticket minus the remaining count, and sends the authentication ticket data 3111 as the authentication ticket Ticket305 and the use count 6102 as the approval request Authorize Request602 to the approval server means 63 via the 1st transmission and reception means 311 (ST6103); the valid count 3112 taken out of the authentication ticket data is further sent to the multi-stage hash means 317.

[0153]In the approval server means 63 the authentication ticket Ticket305 and the approval request Authorize Request602 are received by the 3rd transmission and reception means 331; the authentication ticket data 3301 is taken out and sent to the authenticator verifying means 333, and the use count 6301 is taken out and sent to the ticket update instruction means 631 (ST6301). The approval time check means 332, the authenticator verifying means 333 and the ticket validity judging means 334 operate almost as in the case of drawing 5 and drawing 6, except that the server identifier 6302 is sent to the ticket update instruction means 631 as well as to the ticket validity judging means 334, and the validity notice 6303 is sent to the ticket update instruction means 631 and the 2nd random number generating means 632. When the validity notice 6303 is given, the ticket update instruction means 631 concatenates the ticket identifier 3305, the server identifier 6302 and the use count 6301 to generate the authentication ticket history update instruction data 6304, sends it to the authentication ticket management means 64 as the authentication ticket history update instruction Update603 via the 3rd transmission and reception means 331 (ST6302), and passes the use count 6301 unchanged to the 3rd multi-stage hash means 336 as the use count 6306. When the authentication ticket history update instruction Update603 is given, the authentication ticket management means 64 searches the ticket list by ticket identifier and confirms that the value showing the corresponding valid count agrees with the sum of the corresponding remaining count and the use count carried by the authentication ticket history update instruction Update603. If it agrees, the remaining count in the ticket list is reduced by one; if not, the authentication ticket rejection notice Reject606 is returned. In the approval server means 63 the authentication ticket rejection notice 606 is sent to the ticket update instruction means 631 as the authentication ticket rejection notice data 6305 via the 3rd transmission and reception means 331. The ticket update instruction means 631 normally passes the multi-stage hash value 3306 unchanged to the approval collation means 337 as the multi-stage hash value 3312, but withholds it when the authentication ticket rejection notice data 6305 is given. When the validity notice 6303 is given, the 2nd random number generating means 632 newly generates the challenge random number 6307 for masking the data, sends it to the 2nd exclusive OR means 633, and sends it to the client means 61 as the approval challenge Challenge604 via the 3rd transmission and reception means 331 (ST6303).

[0154]In the client means 61 the approval challenge Challenge604 is received by the 1st transmission and reception means 311, and the challenge random number 6103 is taken out and sent to the 1st exclusive OR means 612 (ST6104). When the use approval procedure start information 6101 is given, the multi-stage hash means 317 obtains the hash value 3113 from the secret storage means 316, performs the hash operation H on it for a number of stages equal to the difference between the valid count 3112 and the use count 6102, and sends the resulting multi-stage hash value 6104 to the 1st exclusive OR means 612. When the use approval procedure start information 6101 is given, the 1st exclusive OR means 612 performs a bitwise exclusive OR between the multi-stage hash value 6104 and the challenge random number 6103 to generate the masked multi-stage hash value 6105, and sends it to the approval server means 63 as the approval challenge response Response605 via the 1st transmission and reception means 311 (ST6105, ST6106). As long as the hash operation H is sufficiently secure, that is, one-way, of fixed output length and pseudorandom, a third party who does not know the password PW, the random number R0 and the challenge random number cannot compute this masked multi-stage hash value 6105, so the value 6105 shows that the sender is a valid user who knows the password PW. Because the multi-stage hash value has been hashed for many stages, neither the earlier values in the chain nor the next multi-stage hash value can be computed from this multi-stage hash value 6104, so there is no need for encryption. Hash operation is generally said to be a hundred or more times faster than encryption, so with a suitable number of stages it can be processed faster than when encryption is used.

[0155]In the approval server means 63 the approval challenge response Response605 is received by the 3rd transmission and reception means 331, and the masked multi-stage hash value 6308 is taken out and sent to the 2nd exclusive OR means 633 (ST6304). The 2nd exclusive OR means 633 performs a bitwise exclusive OR between the challenge random number 6307 and the masked multi-stage hash value 6308 to obtain the multi-stage hash value 6309, and sends it to the 3rd multi-stage hash means 336 (ST6305). The 3rd multi-stage hash means 336 performs the hash operation on the multi-stage hash value 6309 for a number of stages equal to the use count 6306 and sends the resulting secondary multi-stage hash value 3314 to the approval collation means 337. The approval collation means 337 operates as in the case of drawing 5 and drawing 6 and sends the approval notice data 3315 to the client means 61 as the approval result notice Result308 via the 3rd transmission and reception means 331, where it is received by the client means 61; this does not apply, however, when the supply of the multi-stage hash value 3312 has been withheld because the authentication ticket rejection notice Reject606 was received (ST6306, ST6307). By this method the client means 61 can obtain use approval up to n times from two or more approval server means using the authentication ticket 305, without revealing the password PW to any third party, the approval server means 63 included.
[0156]Although in the above explanation the client means 61 computes the multi-stage hash value at every use approval procedure, it may instead precompute the multi-stage hash values for all numbers of stages when the authentication ticket is acquired and store them in the secret storage means 316. In that case a larger tamper-proof memory device is needed as the secret storage means 316, but the processing time of each use approval procedure can be shortened further.
[0157]Thus this embodiment provides a single sign-on type authentication system of high convenience in which an authentication ticket can be used in common by two or more approval servers without the authentication ticket being updated.
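The following is an added worked example of the seventh embodiment ([0144] to [0157]); it is not code from the patent. Two approval servers share one ticket and consult a common authentication ticket management means for the use count k; the client's multi-stage hash value is masked by XOR with the per-challenge random number Rk, and the approval server unmasks it, applies H^k, and collates against the ticket. The user authentication exchange is taken as already done, so both sides hold the hash value H(PW || R0). SHA-256 as H, HMAC-SHA256 as the authenticator, a key shared by the servers, and 32-byte random numbers are assumptions. For the ticket list check, the reading adopted is that k must equal the valid count minus the remaining count plus one (the next unused stage), which is the check that matches the client's "decrement, then k = n minus remaining" in [0152].

```python
import hashlib
import hmac
import secrets

# Added example, not the patent's own code: seventh embodiment, one ticket shared
# by several approval servers through a common ticket list, responses masked by
# XOR with Rk. Assumptions: SHA-256 for H, HMAC-SHA256 authenticator, shared key.

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def hash_chain(x: bytes, stages: int) -> bytes:
    for _ in range(stages):
        x = H(x)
    return x

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def authenticator(key: bytes, ticket: dict) -> bytes:
    body = ticket["tid"] + ticket["collation"] + ticket["n"].to_bytes(4, "big")
    return hmac.new(key, body, hashlib.sha256).digest()

class TicketManagementMeans:
    """Shared ticket list 64: tid -> (valid count n, remaining count)."""
    def __init__(self):
        self.ticket_list = {}

    def register(self, tid: bytes, n: int) -> None:          # Registration601
        self.ticket_list.setdefault(tid, (n, n))

    def update(self, tid: bytes, k: int) -> bool:            # Update603; False means Reject606
        # k must be exactly the next unused stage, n - remaining + 1, so a replayed
        # or skipped k fails at every server that shares this list.
        if tid not in self.ticket_list:
            return False
        n, remaining = self.ticket_list[tid]
        if remaining == 0 or k != n - remaining + 1:
            return False
        self.ticket_list[tid] = (n, remaining - 1)
        return True

class AuthenticationServer:
    def __init__(self, key: bytes, tool: TicketManagementMeans):
        self.key, self.tool = key, tool

    def issue(self, base_hash: bytes, n: int) -> dict:
        """Collation value H^n(base_hash) = H^(n+1)(PW || R0); TID registered with the list."""
        ticket = {"tid": secrets.token_bytes(8), "collation": hash_chain(base_hash, n), "n": n}
        ticket["auth"] = authenticator(self.key, ticket)
        self.tool.register(ticket["tid"], n)
        return ticket

class Client:
    def __init__(self, pw: bytes, r0: bytes, ticket: dict):
        self.base = H(pw + r0)                 # hash value 3113; PW itself never leaves the client
        self.ticket, self.remaining = ticket, ticket["n"]

    def start_use(self) -> int:
        # Ticket maintenance management means 611: decrement, then k = n - remaining.
        if self.remaining == 0:
            raise ValueError("ticket exhausted")
        self.remaining -= 1
        return self.ticket["n"] - self.remaining

    def respond(self, k: int, rk: bytes) -> bytes:
        """H^(n-k)(base) = H^(n-k+1)(PW || R0), masked with the challenge random number Rk."""
        return xor(hash_chain(self.base, self.ticket["n"] - k), rk)

class ApprovalServer:
    def __init__(self, key: bytes, tool: TicketManagementMeans):
        self.key, self.tool, self.pending = key, tool, {}

    def challenge(self, ticket: dict, k: int):
        """Return Rk, or None when the authenticator fails or the shared list refuses k."""
        if not hmac.compare_digest(authenticator(self.key, ticket), ticket["auth"]):
            return None
        if not self.tool.update(ticket["tid"], k):
            return None
        rk = secrets.token_bytes(32)
        self.pending[ticket["tid"]] = (k, rk)
        return rk

    def verify(self, ticket: dict, response: bytes) -> bool:
        """Unmask with Rk, apply H^k, and collate against the ticket's collation value."""
        k, rk = self.pending.pop(ticket["tid"])
        return hmac.compare_digest(hash_chain(xor(response, rk), k), ticket["collation"])

def run_shared(n: int = 3) -> list:
    """Alternate two approval servers over one ticket; return each collation result."""
    key, tool = secrets.token_bytes(32), TicketManagementMeans()
    pw, r0 = b"correct horse battery staple", secrets.token_bytes(16)   # constructed credentials
    client = Client(pw, r0, AuthenticationServer(key, tool).issue(H(pw + r0), n))
    servers = [ApprovalServer(key, tool), ApprovalServer(key, tool)]
    results = []
    for i in range(n):
        server, k = servers[i % 2], client.start_use()
        rk = server.challenge(client.ticket, k)
        results.append(rk is not None and server.verify(client.ticket, client.respond(k, rk)))
    return results

def double_use_rejected() -> bool:
    """Replaying Authorize Request602 with k = 1 at a second server is refused (Reject606)."""
    key, tool = secrets.token_bytes(32), TicketManagementMeans()
    pw, r0 = b"pw", secrets.token_bytes(16)
    client = Client(pw, r0, AuthenticationServer(key, tool).issue(H(pw + r0), 2))
    first, second = ApprovalServer(key, tool), ApprovalServer(key, tool)
    k = client.start_use()
    first.verify(client.ticket, client.respond(k, first.challenge(client.ticket, k)))
    return second.challenge(client.ticket, k) is None
```

The XOR mask is what lets the chain value travel unencrypted: an eavesdropper sees only the value XOR Rk, and Rk is fresh per challenge and never sent with the response, so the unmasked H^(n-k+1)(PW || R0) is not exposed on the wire. The shared ticket list is the single point where double use across servers is detected, which is also why the eighth embodiment goes on to distribute that check.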

[0158](An 8th embodiment) The authentication system of the 8th embodiment can manage the use of an authentication ticket in a decentralized manner.
[0159]Drawing 20 is a protocol sequence diagram showing the protocol of this authentication system. In drawing 20 the client means 71, the authentication server means 72 and the approval server means 73 differ from drawing 14, and a 2nd approval server means 74 is added. The differences are the following. The approval request Authorize Request701 carries the use count k. The approval server means 73, having received the approval request Authorize Request701 and the authentication ticket Ticket305, sends to the authentication server means 72 or the 2nd approval server means 74 an authentication ticket history inquiry Inquiry702 carrying the ticket identifier TID and server identifier SID taken out of them and the use count k, and in response an authentication ticket rejection notice Reject705 is returned when necessary. Instead of the use count k, the approval challenge Challenge703 carries a random number Rk generated so as to differ each time. The approval challenge response Response704 carries the result of applying the hash operation H for n-k+1 stages to the concatenation of the password PW and the random number R0, XORed with Rk.

[0160]By this method the client means 71 can obtain use approval up to n times using the authentication ticket 304 or the updated authentication ticket 501 without revealing the password PW to any third party, the approval server means 73 and the 2nd approval server means 74 included. Because the use count k sent from the client means 71 is checked, via the approval server means 73, by the authentication server means 72 that issued the authentication ticket or by the 2nd approval server means 74 that updated it, the authentication ticket 304 can be used in common by two or more approval server means 73 and 74, and the traffic of the check processing can be decentralized.

[0161]The composition of an authentication system having such a protocol sequence is explained with reference to drawing 21. In drawing 21 too, the client means 71, the authentication server means 72 and the approval server means 73 differ from drawing 15, and the 2nd approval server means 74 is added. The client means 71 differs from the client means 51 of drawing 15 in that a ticket maintenance management means 711, which holds the authentication ticket and manages the use count k, is provided instead of the ticket holding means 511, a 1st exclusive OR means 712 that performs a bitwise exclusive OR is provided, and part of the connections is changed. The authentication server means 72 differs from the authentication server means 32 of drawing 15 in that a ticket issue management means 721, which manages the issue of authentication tickets and answers inquiries, is provided, and part of the connections is changed. The approval server means 73 differs from the approval server means 53 of drawing 15 in that a ticket renewal management means 731, which manages the renewal of authentication tickets and answers inquiries while holding the ticket identifier and valid count of the authentication ticket, receives the remaining count and supplies each part, is provided instead of the ticket use management means 531; a 2nd random number generating means 732 that generates a random number for every use approval processing and a 2nd exclusive OR means 733 that performs a bitwise exclusive OR are provided; and part of the connections is changed. The 2nd approval server means 74 has the same composition as the approval server means 73.

[0162]As the ticket maintenance management means 711, the same composition as the ticket holding means 511 with an added adder circuit that computes the use count can be used. As the 1st and 2nd exclusive OR means 712 and 733, a logic circuit can be used, for example. The ticket issue management means 721 can be constituted by a combination of a logic circuit that splits and concatenates data, an arithmetic circuit and a comparison circuit that compare use counts, and a mass memory device, for example; the ticket renewal management means 731 can be constituted in the same way. As the 2nd random number generating means 732, the same composition as the random number generating means 324 can be used. Each of the above means may be realized by a computer program on a microcomputer or a general purpose computer, or the computer program may be recorded on a program recording medium in computer-readable form and realized in combination with a reader for that medium.

[0163] The operation of the authentication system constituted as described above is explained with reference to drawing 22. Here the case where the authentication request Authenticate Request301 is accompanied by the valid count n of the authentication ticket is explained. 

[0164] First, in the user authentication procedure the operation of the client means 71 and the authentication server means 72 is almost the same as in the case of drawing 15 and drawing 16, and the authentication ticket Ticket304 is eventually sent from the authentication server means 72 to the client means 71. However, in the client means 71 the ticket maintenance management tool 711 operates at this time in place of the ticket holding mechanism 511. In the authentication server means 72, the valid count 7201 taken out of the authentication request Authenticate Request301 is sent to the ticket issue management tool 721 in addition to the multi stage hash means 325 and the authenticator addition means 328, the server identifier 7202 is sent to the ticket issue management tool 721 in addition to the authenticator addition means 328, and the ticket identifier 7203 generated by the ticket identifier creating means 327 is sent to the ticket issue management tool 721 in addition to the authenticator addition means 328. The ticket issue management tool 721 manages a list of issued tickets; it adds to that list the group consisting of the ticket identifier 7203, the server identifier 7202, the valid count 7201 and the remaining count, whose initial value is the valid count 7201, and stores it (ST7201). 

[0165] On the other hand, in the client means 71 the ticket is received by the 1st transmission and reception means 311, the authentication ticket data 3110 is taken out, and the authentication ticket Ticket304 is sent to the ticket maintenance management tool 711. The ticket maintenance management tool 711 holds the authentication ticket data 3110 associated with the server identifier 3101, and at the same time takes the valid count out of the authentication ticket data and manages it as the remaining count (ST7101). When the use approval procedure start information 7101 is given, it sends the authentication ticket data 3111 to the approval server means 73 as the authentication ticket Ticket305 via the 1st transmission and reception means 311, decrements the remaining count by one (ST7102), obtains the use count 7102 as the valid count taken out of the authentication ticket minus the remaining count, and sends the use count 7102 to the approval server means 73 as the approval request Authorize Request701 via the 1st transmission and reception means 311 (ST7103). Further, the valid count 3112 taken out of the authentication ticket data is sent to the multi stage hash means 317. 
[0166] On the other hand, in the approval server means 73 the authentication ticket Ticket305 and the approval request Authorize Request701 are received by the 3rd transmission and reception means 331; the authentication ticket data 3301 is taken out and sent to the authenticator verifying means 333, and the use count 7301 is taken out and sent to the ticket renewal management tool 731 (ST7301). 

[0167] The approval time verification means 332, the authenticator verifying means 333 and the ticket validity judging means 334 operate almost as in the case of drawing 15 and drawing 16. However, the server identifier 7302 is sent to the ticket renewal management tool 731 in addition to the ticket validity judging means 334, and the validity notice 7303 is sent to the ticket renewal management tool 731 and to the 2nd random number generating means 732. The ticket renewal management tool 731 manages a list of issued tickets. When the validity notice 7303 is given, it concatenates the ticket identifier 3305, the server identifier 7302 and the use count 7301 to obtain the authentication ticket history inquiry data 7304, sends it as the authentication ticket history inquiry Inquiry702 via the 3rd transmission and reception means 331 to the authentication server means 72 or the 2nd approval server means 74 indicated by the issuer identifier 3308, and at the same time adds to its ticket list the group consisting of the ticket identifier 3305, the server identifier 7302, the valid count 7301 and the remaining count, whose initial value is the valid count 7301, and stores it (ST7302). 
[0168] In the authentication server means 72 that receives this, it is received by the 2nd transmission and reception means 321, and the authentication ticket history inquiry Inquiry702 is sent to the ticket issue management tool 721 as the authentication ticket history inquiry data 7205, which contains the ticket identifier, the server identifier and the use count. The ticket issue management tool 721 checks whether the use count taken out of the authentication ticket history inquiry data 7205 agrees with the difference between the valid count and the remaining count that it manages itself for that ticket, plus one; if they do not agree, it returns the authentication ticket rejection notice data 7204 as the authentication ticket rejection notice Reject705 via the 2nd transmission and reception means 321. When the 2nd approval server means 74 receives the inquiry, its ticket renewal management tool performs the same role as the ticket issue management tool 721. 

[0169] In the approval server means 73, the authentication ticket rejection notice Reject705 is sent to the ticket renewal management tool 731 as the authentication ticket rejection notice data 7305 via the 3rd transmission and reception means 331. The ticket renewal management tool 731 normally passes the multi stage hash value 3306 unchanged to the approval collation means 337 as the multi stage hash value 5302, and sends the group 5303 consisting of the ticket identifier, the remaining count and the server identifier to the 2nd authenticator addition means 533; both are suppressed when the authentication ticket rejection notice data 7305 is given. When the validity notice 7303 is given, the 2nd random number generating means 732 newly generates a random challenge random number 7306 for masking the data, sends it to the 2nd exclusive OR means 733, and at the same time sends it to the client means 71 as the approval challenge Challenge703 via the 3rd transmission and reception means 331 (ST7303). 

[0170] On the other hand, in the client means 71 the approval challenge Challenge703 is received by the 1st transmission and reception means 311, and the challenge random number 7103 is taken out and sent to the 1st exclusive OR means 712 (ST7104). When the use approval procedure start information 7101 is given, the multi stage hash means 317 obtains the hash value 3113 from the secret memory means 316, performs the hash operation H on the hash value 3113 for a number of stages equal to the difference between the valid count 3112 and the use count 7102, and sends the resulting multi stage hash value 7104 to the 1st exclusive OR means 712. When the use approval procedure start information 7101 is given, the 1st exclusive OR means 712 performs the bitwise exclusive OR of the multi stage hash value 7104 and the challenge random number 7103 to generate the masked multi stage hash value 7105, and sends it to the approval server means 73 as the approval challenge response Response704 via the 1st transmission and reception means 311 (ST7105, ST7106). As long as the hash operation H is one-way, produces a result of fixed length and behaves randomly, a third party who does not know the password PW, the random number R0 and the challenge random number cannot compute this masked multi stage hash value 7105, so the scheme is sufficiently safe and the masked multi stage hash value 7105 shows that the sender is a valid user who knows the password PW. Since the multi stage hash value is produced by many stages of the hash operation H, going back one stage, that is, the next multi stage hash value to be presented, cannot be computed from this multi stage hash value 7104, so no encryption is needed. A hash operation is generally said to be 100 or more times faster than a cipher operation, so with a suitable number of stages the processing is faster than when a cipher is used. 



[0171] On the other hand, in the approval server means 73 the approval challenge response Response704 is received by the 3rd transmission and reception means 331, and the masked multi stage hash value 7307 is taken out and sent to the 2nd exclusive OR means 733 (ST7304). The 2nd exclusive OR means 733 performs the bitwise exclusive OR of the challenge random number 7306 and the masked multi stage hash value 7307, obtains the multi stage hash value 7308, and sends it to the 3rd hash means 532 (ST7305). The 3rd hash means 532 performs the hash operation on the multi stage hash value 7308 and sends the resulting secondary multi stage hash value 5305 to the approval collation means 337. The approval collation means 337 and the 2nd authenticator addition means 533 operate as in the case of drawing 15 and drawing 16, and send the authentication ticket data 5308 to the client means 71 as the authentication ticket Ticket501 via the 3rd transmission and reception means 331. This does not happen, however, when the supply of the multi stage hash value 5302 and the ticket identifier, and of the group 5303 of the remaining count and the server identifier, has been suppressed by receipt of the authentication ticket rejection notice Reject705 (ST7306, ST7307). 

[0172] On the other hand, in the client means 71 the authentication ticket Ticket501 is received by the 1st transmission and reception means 311 and sent to the ticket maintenance management tool 711 as the authentication ticket data 5101, where it is held (ST7107, ST7108) and used in the next use approval procedure. 
[0173] Since the number of stages of the masked multi stage hash value that accompanies the authentication ticket 305 sent from the client means 71 to the approval server means 73 decreases by one at every use approval, the approval server means 73 only needs to perform one step of the hash operation, and the response time can be shortened. Since the time stamp is updated, the term of validity can be set as short as is enough to cover the interval between accesses, for example one hour, so safety improves without lowering user convenience. By this method the client means 71 can obtain use approval up to n times in a shorter response time using the safer authentication ticket 305, without revealing the password PW to any third party including the approval server means 73 and 74; the authentication ticket can be used in common at two or more approval servers, and the traffic of the verification processing can be distributed. 

[0174] Although in the above explanation the multi stage hash value is computed in the client means 71 at every use approval procedure, the multi stage hash values of all stages may instead be precomputed when the authentication ticket is acquired and stored in the secret memory means 316. In that case the processing time of each use approval procedure can be shortened further, at the cost of needing a larger tamper-resistant memory device as the secret memory means 316. 

[0175] Thus, by constituting the authentication system as in this embodiment, decentralized administration of the use of an authentication ticket can be carried out under the method in which the authentication ticket is updated. Therefore the management resources of each server can be lessened further. 
[0176] 

[Effect of the Invention] As is clear from the above explanation, this invention provides, first, a single sign-on type authentication method and authentication system that require no cipher processing on the client side, can manage the use count of an authentication ticket easily, and can eliminate double use. 

[0177] Second, a single sign-on type authentication method and authentication system are obtained in which no cipher processing is needed on the client side in the user authentication procedure, and in which the data processing of the authentication presentation information and the data processing of the presentation information can be shared. 

[0178] Third, where the collation information is generated using as the confidential information the authentication random number generated by the client means, the collation information contained in the authentication ticket becomes unrelated to the user authentication information, so there is no possibility of the user authentication information being guessed from the authentication ticket, and a single sign-on type authentication method and authentication system with higher safety are obtained. 

[0179] Fourth, by performing the irreversible operation on the confidential information with a one-way hash operation, a single sign-on type authentication method and authentication system are obtained that can perform the use approval processing in practical processing time even when the client side is a device with low computation capability. 

[0180] Fifth, where the approval server means updates the collation information of the authentication ticket and the like, since the ticket is updated whenever it is used and in particular the time stamp is updated, the term of validity used in the validity judgment can be set shorter, and a single sign-on type authentication method and authentication system are obtained in which the possibility of unauthorized use by a third party can be made smaller and the response time of use approval can be shortened further. 

[0181] Sixth, where the authentication ticket management tool that manages the use count of an authentication ticket is provided, in a system in which the authentication ticket is not updated it becomes possible to use the authentication ticket in common at two or more approval servers, so a single sign-on type authentication method and authentication system with higher convenience are obtained. 

[0182] Seventh, where the authentication server means and the approval server means store the issuance history of authentication tickets, in a system in which the authentication ticket is updated the decentralized administration of the use of an authentication ticket can be carried out, so a single sign-on type authentication method and authentication system that can lessen the management resources of each server further are obtained. 
[Brief Description of the Drawings] 

[Drawing 1] The key map showing the outline of the authentication system in a 1st 
embodiment of this invention, 

[Drawing 2] The key map showing the outline of the authentication system in a 2nd 
embodiment of this invention, 

[Drawing 3] The key map showing the outline of the authentication system in a 3rd 
embodiment of this invention, 

[Drawing 4] The protocol sequence diagram of the authentication system in a 4th 
embodiment of this invention, 

[Drawing 5] The functional block diagram of the authentication system in a 4th 
embodiment of this invention, 

[Drawing 6] The flow chart showing operation of the authentication system in a 4th 
embodiment of this invention, 

[Drawing 7] The detailed functional block diagram of the attestation child addition 
means at the time of using a message authorization code in the authentication system 
in a 4th embodiment of this invention, 

[Drawing 8] The detailed functional block diagram of the attestation child verifying 
means at the time of using a message authorization code in the authentication system 
in a 4th embodiment of this invention, 

[Drawing 9] The detailed functional block diagram of the attestation child addition 
means at the time of using a digital signature in the authentication system in a 4th 
embodiment of this invention, 

[Drawing 10] The detailed functional block diagram of the attestation child verifying 
means at the time of using a digital signature in the authentication system in a 4th 
embodiment of this invention, 

[Drawing 11] The protocol sequence diagram of the authentication system in a 5th 
embodiment of this invention, 

[Drawing 12] The functional block diagram of the authentication system in a 5th 
embodiment of this invention, 

[Drawing 13] The flow chart showing operation of the authentication system in a 5th 
embodiment of this invention, 



[Drawing 14] The protocol sequence diagram of the authentication system in a 6th 
embodiment of this invention, 

[Drawing 15] The functional block diagram of the authentication system in a 6th 
embodiment of this invention, 

[Drawing 16] The flow chart showing operation of the authentication system in a 6th 
embodiment of this invention, 

[Drawing 17] The protocol sequence diagram of the authentication system in a 7th 
embodiment of this invention, 

[Drawing 18] The functional block diagram of the authentication system in a 7th 
embodiment of this invention, 

[Drawing 19] The flow chart showing operation of the authentication system in a 7th 
embodiment of this invention, 

[Drawing 20] The protocol sequence diagram of the authentication system in an 8th 
embodiment of this invention, 

[Drawing 21] The functional block diagram of the authentication system in an 8th 
embodiment of this invention, 

[Drawing 22] The flow chart showing operation of the authentication system in an 8th 
embodiment of this invention, 

[Drawing 23] The key map showing the outline of the conventional authentication 
method, 

[Drawing 24] The protocol sequence diagram of the conventional authentication 
method, 

[Drawing 25] The functional block diagram of the conventional authentication method, 

[Drawing 26] The flow chart showing operation of the conventional authentication 
method. 

[Description of Notations] 

1, 11, 21, 31, 41, 51, 61, 71, 81 client means 

2, 12, 22, 32, 42, 62, 72, 82 authentication server means 

3, 33, 53, 63, 73, and 83 Approval server means 

4, 14, and 24 Confidential information 

5, 7, 803, 805 authentication tickets 
6 and 804 Presentation information 
8 and 806 Notice of approval 

13, 23, and 801 Attestation presentation information 
64 Authentication ticket management tool 
74 The 2nd approval server means 

311 The 1st transmission and reception means 

312 and 811 Input means 

313 Hash means 

314 Ticket holding mechanism 



316 Secret memory means 

317 Multi stage hash means 

321 The 2nd transmission and reception means 

322 Authentication time verification means 

323 Authentication information storage means 

324 Random number generating means 

325 The 2nd multi stage hash means 

326 Attestation collation means 

327 Ticket identifier creating means 

328 Authenticator addition means 
328A Self-identifier storage means 
328B Data connecting mechanism 
328C Connection data hash means 

328D Server common key memory means 
328E Common key system encryption means 
328F Authenticator connecting mechanism 
328G Self-secret key memory means 
328H Public key system encryption means 

331 The 3rd transmission and reception means 

332 Approval time verification means 

333 Authenticator verifying means 

333A Authenticator separating mechanism 

333B The 2nd connection data hash means 

333C The 2nd server common key memory means 

333D The 2nd common key system encryption means 

333E Data separation means 

333F Issuer identifier collation means 

333G Comparison means 

333H Server public key accumulation means 

333J Public key system decryption means 

334 and 832 Ticket effective judging means 

335 and 531 Ticket use management tool 

336 The 3rd multi stage hash means 

337 Approval collation means 

411 The random number generating means for authentication 
412, 612, and 712 The 1st exclusive OR means 

421 The 2nd hash means 

422 The 2nd exclusive OR means 

423 The 2nd multi stage hash means 
511 Ticket holding mechanism 



532 The 3rd hash means 

533 The 2nd authenticator addition means 

611 and 711 Ticket maintenance management tool 
621 Ticket registration instruction means 

631 Ticket update indication means 

632 The 2nd random number generating means 

633 and 733 The 2nd exclusive OR means 
721 Ticket issue management tool 

731 Renewal management tool of a ticket 

732 The 2nd random number generating means 

812 Session key decryption means 

813 Certification time verification means 

814 Certification information encryption means 

821 Session key creating means 

822 Session key encryption means 

823 Ticket encryption means 
831 Ticket decryption means 

833 Certification information decryption means 

834 Certification information effective judging means 

835 Approval collation means 



(19) Japan Patent Office (JP)   (12) Unexamined Patent Application Publication (A) 
(11) Publication number: 2000-222360 (P2000-222360A) 
(43) Publication date: 2000.8.11 (Heisei 12) 
(51) Int.Cl.7: G06F 15/00 330, G06F 12/14 320, G06F 13/00 354, G06K 17/00, H04L 9/32 
FI: G06F 15/00 330B, G06F 12/14 320C, G06F 13/00 354Z, G06K 17/00 T, H04L 9/00 675A 
F-terms: 5B017, 5B058, 5B085, 5B089, 5J104 
(21) Application number: 11-24446 
(22) Filing date: 1999.2.1 (Heisei 11) 
(71) Applicant code: 000005821 
(74) Agent code: 100099254 



(54) Bfilfl©**] Sgffi#*fc> HKS/X^AJKflBKWS^P^ABftiB* 



(57) mm 
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i: "elMSflMB 4 *nii?Z>o BIE-9— 2 «*8ffi« 
IB 4 tc^pj^* f £ n HlfTfco fc88£fflf$fi*^rA7£K 

H^^r SSffilf fB 4 tC^nJJffifB? f * n - 
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C ©*jMWBfc 3 TOa!*J|[ f £r k o 



2 gg-»-^T« 




(2) 



# ffl 2000-222360 



7V h^lSk^fl^MSffiv'Xf-Atc&^T, 
^SblHl»^n CnlilEfifSO T-^SISE^^ >y E- 

^LitufBSgBiE^'y h kj^UTfOT^BTf S^JIt 

gifFfcW^IIIWfclraBRl:*^** Mo, §gtiE?#tt 
#£nT*J»K Hu8Bfia-&1S*ti, BufBISSE-9— /*¥©i: 

mib* ^-r r > v^&t tupm-? m&mmcpfifecD^ 

- k |n!S6 L fc €> 5 £ £ *¥fWl k 1 3 MM. ~>Xf 
A» 

u wis * 5 -f r > h ms. t <Dmx-=L-^m^ 

mt&Sfr L T HuKBi^fflE^^ E- £^ff "T 5Ct ^rW^ k 
•f SifSffciS 1 ^BBtSc«KE^XT-Ao 

3 ] liulB^ffi^-/ a— ysBM^nn 

— f Mum $b t mmm. t (ommcmmm^^mm. 
i mx±.m l & t> ot-^ t> > flijiBKSE*^ii!«fi, 

MfB^ffilf HulBmSO^nl^^*^ n dlSS L 6 © 
k£t3MKk-r3ail;i<]fi 2 (cGMQSBS'Xt- 

A 0 

tctjvTSLS&feSu cti^Lx^^^yyh^& 
— *FMM.'tnWk tffuf BSUfc k <Dm&cmm?m<D7fWM 

mn* i iyiw±flSLfc ^(Dtnmz^^TyY ^m&z. 

CfS#Jg5] HulBa-ifMSE1f^*^ a— iffc«tt)A 
P> 4 OV^-rn^tclBKOBgKEv'X-r 

4 €»V^-rn*HcfBlg<D^BEv'X-rAo 
tDESIiEi>XxAo 



Xfi»o 

[fit** 9] mrfBBffS©^i5IiM^»^\ 

nAHciatgoi^iEv'x-rAo 

^trc k^mk-raatsRis i 9 <D^-rntiHcmm 

oSE^x^iAo 

[«*rii l] HfrlB^E^>y ht)K mi BBf^tJ 

^SE^X-r A 0 
[ff**i 2] MfBSSE^-yhA^ Wngmft&tt 

MSf^ti, HaiBW%lHl»^n-kfc:S3l?f«nsci:*«f 

*s*-rscii:%!Rf«i:-rsis*«i*^ i 2©v^n 

*•> ilB <S © SSffi -> X -r A o 

CttjRlM 14] fulB 5 w y > h WIB^SE^ 
-y h ©f^fflinilk^SJf. ITfc D , ni'i3B^aiE^^ -y h t 

m^Ml l 2<OV , '-rnAHCaB*g<D^(ffi>'X-rAo 

h^{«x.T43D, mt^^-JTyY^m, tuIBISIiEf- 
^<y h tDff fflloia^WIffl D , BUHBsgSiE^^r 7hi 
£Ucctt^LT5flJffl^£3Ra6£ fcotfet), MIB 
^fiiE+)--^^IS«^ nulBa^fll^^ -y h ^^lTt-§ k 
{ctfflBISfiE^^-y hBa#©teWISKK^-'5r*y KDSSff 
SSS^-m^L, MIB^rT-9-— /^#©ti> ftuSB^aE^-y-y 
h ©^^^^THUlE^aEf-^ >y hea¥Stc|fjfBESE 

X-rAo 

[IS*r|l6] BulBigor-9— A#ia*1iR«^. iuSB 
fflBnpfcjR&S HulBSSE-9--^¥m«, tu 
t fc tcHfr«JS^IB'l« mifBKJiE^^ >y h co^^^rS 

itTWiBisE^'T- -y b (Dm^'Mm^tmumm.^ 
<Dmm*m% u MaaKSE-y-- rctitfriBisoj-9- 

-/ <£ D feffe ii^n * § fc if ic it % m U L 4 ^ 
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[f»*JRi 7] tWESgiiHJ-— fUfflKWHH 

few* n - k HISS L fc fc co fc tufBSUS £ ©SMfiWt&aft 
ft»!g*T&SCfc*«M»fc-rs»:fc]Sl 4*»6 1 6© 

1 8 ] WM.^'r y h *58ffr afgffi->7— ^¥ 

m t ^-/^su? t mmr* -y h ©*a&B»<o 

mm^^-y him^m^^mM^-y horn 
mm mttmTxm&wn? a ausgw^ia t , tufa a* 

^gj; D a—*fK8H««*#S fc fc fc fc^PBKBE^- ^ 

n*iMSKEKitfr § «ffiie«#© fc , BuiB«affBtt¥ 

T«SfiSBA*#SctOW^lliI^n (nttEfiSSD £f# 

8ufB^aE+>— /^StciM t) , fOTRRT^Wfcfc^TttM 
iE«Rj'9--/^«<k 0 ? UJtJ|BI» k ( k {4 n WTOIESI 
») ^l#T, n-klS©/N«y->aiS[J¥%SlfiLTf#rc^S 
/vy S'aflfcWEBRpfr— ^gfcMS^g/vy ->a? 
gfcSrJWiSU 

ii58B;®iiI-9--/^m^> ^.-+f^!SE1fff8*^»^nfe^ 

feo.— ifssw $g t ijisaisc^fiSt^ST^fiR l fc 

OjSKtC n + 1 Wi<D> ^•r>a j&!¥£fT * 5 35 2 »^gy n 
y ->a?Sk , itufB * 5 -< 7 > h m'k «fc t> n -y 

^iffl^HUlB^ 2 <0#®/vy S/a#gf#ft#a/N7 ^ 

0 If fc £g/ \ y 5/ a ffi, itufB * 9 - Y T > h <fc 0 #fc 

tf-'WfFsiraabiasu HuiB^fflEff-^aio^rc 
m%mmc&-3< ?-rAx£>7\ mo'ic^be-^-/^ 



<t 0 ff fc^Jlf ^ i: <Di<D«?fi >y <7 f 5 -y 

vmwmmzt, tm^-y ho^f hawfFfcw 
ffl ni» fc a t) wffl bthehir fc *eit 5^7h ^ijfflg 
fc > tuHB^'7- -y h mmmmmzz <o mm rnWDt* 

f#T> mm^^^TZ/Y^WL^K> mc&W ^ -y -> a ffifC 
k vy jg^^Sg LTffcr:^^ n -y -> a 

~> i^gj; d i#fc-^^©/ % -y ^> a m fc *fia^-r § tm 
m&^m fc <if § c fc fc ? 5 tsiiE ~> x f a 0 

[W*IB19] ff(lBI§HiE?#*n#©^\ ^-/^T'K 

©fc, s^gij^^iBti-rssiKBij^iBti^iafc, ^y 

fc ih-/«gif fc wia § wsu? iB'tt^s J; 0 ntcmim 
fc ^jite-r a t 2 '- * ai*s#ia fc , m.\-7 : - $ mm 

«ji»73 ssg^® ^ffl v > t tiiiaaig^'- * / n -y v- a #s 
<t 0 f#fe / n -y -> a ffi^Bt^ft l xmm^- nmmii 

SBg^¥IS fc , tuIBx- «t 0 f#fc^*S-r- ^ 
fc MIBttil«^SB&#^ S «t 0 »fc«IE? fc *a9fif a 

Bf^a^IB'lil-a^ 2 cD-9--/^iiSllB1g¥mfc, ESSE 

^ -y h ^aiigx- ^ fc sgffi^ fc tc^^t- a mm?KM 

¥®fc, mifBMSE^Si^m^ytfrca^f 1 -^*^^ 
-y h iiBiJ? fc n -y *s a ffl fc ^ MWk fc ^ -Y A X * > 

y fc t wnmmm? t ictm? % 2 » 

K¥©fc, S9ESgSE?»»*S«k»)»fci!aS7*-*fc-'> 
-y ^> a mnttffi-? m 2 coa^^- J^yyaflt, Iff 
aam 2 ©^-AttaitHB'b33M§£ Dt#fc«MSl77^Bg^ 

m&m^xmsm 2 ©a^-^/N-y ~> a mm* 0 »it 

> n >y ~> a f|g%Bg^b L T JtKfflSSE? fc f * 3? 2 cDftM 

n^^Hg^a fc , ssibt 1 ' — ^ ^-M^iScj; o mtcmim 
mm=?tfit&htt-/mm : f-x-ibz c fc^^x -y y-ra 

KBU^Sg^^® fc , MIBSIff ^B'J^lWS J: 
Df#fcHa^**^^*^-r^(cMIB^iE?«-gt#© 

et o iffcMBE^ fc saaem 2 o^agi^^Ht^^s & 0 n 
rctmmmw? t br«g**a^-r a fc 

#Sfc> sugij^siBtBi-ragiRSii^ias^Sfc, 

>y MaBiJ?fc^S^-y^afflfcW?A@i!(fc^^AX5> 
fc buIE S IffiS'J?! B«¥K <t 0 %tz.Wn 

mm& fc *aus-r a * ae^ia fc , mibx- * a 
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- * /n >y -> a fc , suta £ Wm«IB«¥g«}: t> f#fc& 
5£Hg#l8ffi«%ffl V ^ T Su HBjMS-r- £ / n >y 5> a # 
15 «fc D >y ^> a ffi^Bg^t t?5 tefflm 

#5£BfW® fc , WBB'r- ^ 51ie¥©«fc 0 tf fc>i*67 f - 

mM?m&^m t *mm b , 

MEWStyiftlE^fi)^ agal^ „ h £jg«g-7*- * fc @ 
E?fc fctftt^aKSB^Ii^® fc, WIBKliE? 
IS «t D f# fc Igf- * £ ^ -t" -y hiW? fc \ -v > a 
ffi fc *f #>Ie]» fc * -f A X £ > 7° fc -9"- / «9f? fc 

mw&tizftMLmtiirz <?- x ftn^®. t , wibsssi 

T-ftm&fH ± t) l#/c31^x - * fc / n >y ~> a msfcas-r ® 
2 <D jffiig-r - £ /> -y -> a ¥IS , 

S -9-- / ^MttWH^gt fc » / ^^BUa*W^© 

«fc t> f!Jfc&IM^^^!*tt*ffl^TaaaB^^* 
¥IS <fc 0 tifct^ffi? *«9 LitKffl^ yi'altm 

BHft£ s&^is fc , mmm?- ^r^fiiD 

f#/c/ vy ~> a ffi fc tfflB^ffl®77^II^#© «fc 0 t#fcjt« 

ffl/N -y ^ aiifl fc % jtiR l tis*% nm-r z> wm®. fc % 
*ffirr s c fc*#^fc-rsi»*ja 1 8 tctBSc^aE^x 

•rAo 

fc 35 1 0^ffiWtl&a!ft#© fc £Hfi U KTCffiiE 

*£j*U Bi'lJam l <r>WM&3%imm^mit. a— »fggiiiE 

WL fc B'iuB/ n -y i/ a ^SJ; D f#fc/ \ y i/ a ffl fc ©gfffi 
JSftJiS* ^ j & -3 XM fcMSU n >y 5" a hub EKfE-fr- 
/^ISf-iMD. iifi!IB«miB^©{i, ijuE^liEfflSL^ 
fiJc¥IScfc Df#fcffiEffla»%H?ffi»KI2«b, fUB^S 

/ n -y ^ ms. it , mmmmm^& «t o ,ig,!ii;jn assc** 

0 f Uffl \<m k*m-C, n - k ©O/ n -y a ijil^^M L T 
ntc^W n -y a MfB^BT-9— / ^IS(c3M D , 
WEKH"9---'^a^ WIB^KE88^¥©fcf^t> 0 ^ 2 
CO/ vy «>a ¥S&t>'m 2 ©PffeWlftSfa^iSfciyiU 

susb^ 2 £D/N>y *s zL^mt, mmmmmmmms. =t t> 

t#fc a— tfSgSEW $B fc fJfBa»^/a#ST?^fiK b fcSLS( 
fc OJilSfc/N -y -> a ^»^rfift b> SUSBSI 2 OgfffiWMil 

mmm, tutam 2 co/N-y ^a#m* ^ftfc^-y 5/ai» 

fctulB^^^7> h^lficfc Df#fd«SL/vy "y^mt<Dm 

2 ya«, MfBlff 2 cOSfffiWMilft¥S 

IBgfiE^^D^Sii, WlB^^r-y h»BiJ^fiR¥©«tt) 
tffc^^r-y hfKgi)?, MIB^2©^IS/N-y^a¥®J;0 



Sim*gfz:St3< ji-TW^yr, Mt/tcl^E^— /^S 
^^•T^fT^liSiJfoaiStcMII^^MiJO b, ISIiEf-y 
•y hfcLTBufB^^^ryh^SiciM^Cfc^Wiitfc-r 
^IS5}<3S 1 8*>5 2 0©Vvf ftfrfcKttO&SEi'XT- 
Ac 

[W*IS 2 2 ] HuIB^Rr-9— /^©^> MfB^ 3 <D& 
®/n -y a ¥® fCftfc 0l3CAyy a ¥lfiRt>B 2 © 

WIB ^ 9 f 7" > h ¥S<t 0 tf >y i/ a tffc: / > y -> 

a i^S^fig b Ttffc-^^S/ n -y ~> a b, itufB 

n >y ~> a {I fc huIB^ 3 CO/ n -y v- a K> ff tc~$!.%> 

is/ n -y ~> a ii fc %b§^ b , mhb^ 2 nmm.^ ma^m. 

It. mtf->T"J hfiJfflWH¥ISJ;Df#/cf-^-y hfiSiJ 

^-/^B'J^SO^O^Jffl^ ffflB^^-fZyh 
^IS<fc 9f#fc^l£/vy ^>afg, tuIBS^nllt^lSJ; Df# 
rcB#«im«»C«"^< ^^AX^>7\ MtftC^nJ^-/^ 

^^•y hfcbTtulB^^^r>h^lS^^Cfc^^ 
fc-rSffjRJSl 8*^2 1 <DV^n^ftiB«OK»E'>X 

2 3] l ^#IS fc , ISSE^- 

■ir>y hco^ff&WJffl^^mi-r^sIaiE^^-y hSffl 
¥ISfc^Mfilb, WfBlgaE^y>y htta#8W, tSIBIS 
IE^-/ i ;¥ISJ; Dlf ^;HII^^-y M8ff£tfgfi?^*fc fc 
^c^^r -y h HBW fc fc?SD fijffl IU» fc Office 

iffibT, MHBIl!nI^-/^ISJ;0fyfei!Sffi9 : -^'y hSM 

3BsSnJ^-/^IS^aSffiE^-y -y h ft>*{Sjffi»J*iM o , 
MI3KSE-9— /^©*^ ^^r-y h§iSJg^#IS^r^{I 

b> mtf-'rv bmkm^mt, mm^y nt9J? 

^fig^lS «t t) fffc^^- -y h «SU? fcMfB^7^ryh# 
a<t t> / <W3"J^»tf*fSli0» fc £> ISffi^^r -y 

hummm^Sit, m 1 co^fflwi#aa#isfc 
^*«b, tuta^^-y mwmm^mn, 

/^ISi *) ISttE^-y >y h ZmTGmtZ fc fc £ tc^JffllHl 
»%S1 b T, itufBISnj-y-- /^ISfc *n 6 ^rffi^ U 
tuf3^©/N>y ^a^lS«. BSIB«lffiIB«¥m<t O/N-y *> 

>y ->a2SS£fifcbTff fc#i8/vy v-affi^BUBB^E-y-- 

/^IStcjMD. f"JfflSlnI¥»itct5V^T«HuIB^^-y hfS 

mmm^mz vmrcmm\B®n k %?#t, n - kis<o/vy 
->a?aw%sftbTi#fc^is/N-y ^affl^Msam i (omm 
mmmn^mc&t) , mzm 1 <o^fflws«p^is«s 

mt&W n «y ^> a ^IS <fc Dtffc ^IS/ n -y a fi fc mTHBIS 
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f-5r y h H«f*B*¥S *U HI 2 ©Sl»£##a fc> 8 2 

mmi-Tkxsy--> tmrn^^^ryhm^^m 
izmm mm. t &t>m&f-'r v v mmwmm^^ l t 
waaasE^-jry wastes o> tais^E^y hm 
w&WLUQWfrf-'rv hmmmtatfmzn&friicm-e? 

<t o ttfc^is/ n >y v- a fi * m ts l , sagas 

^is&tftuias 2 ©gfffiwiftaft^SfcjM o . tufBS 2 
(Dmmmmmm^mt, mibs 2 ©a^^mj; d m 
rcZimtmmt^^Tyh #s«t d mdstfL&w n -y 

a M ©#Mti ftMf niK^t^ff * o T £K> \ v a it* 
3tf#U tfJ8BS3tD^S''N < y^a^S«, MtBS2©J# 

ftew»^siifp#s<fc 0 mtc&m vy>^ fifl k n -y y 
wmmmv-'rv hnmmsiiz. mmmmv- *) 
t {mm ntmmm vm. t ©si*«a l , mmtmv 

[t»5j<js 2 4 ] 1 -m±mm u m 

mmv 7^7yh bMB?-^- >y hGat¥mu:ftfc> 

/^#IS«fc OlSEf-^r-y h£l#T{£}t-f £ £ t fetcfijfflla] 

mm^m^^y^m^ mmmm^mz t>^v> 



so, 

s 2 ©gf fawa&afo^s t *mffi l> tui B^-y -y h Mfr 

mwm®*ttm&icifcmm=p®M. : $&& *> nit** 
v vmm^Tkxjv-'mm^tmmv^^Ty 
vmicmmm%itfr hmmm^&^i&L, 
mmBifrtf^-tfmi^Mv- mm 2 mmv 

tiKfr o icm-etic, mEv^^ryh^mx^ mitmm 
®mtmmm?mi^&£ l 9nic&®^>y is*mt* 
ttijjirztt&ic, rtrvhmm?. v-'tm&RV 
at)5pjfflin»*©auT, satBS 2 ©^w- /^a* 

^x7^L> ^»^©tI^-(c«MlBS 2 OKW- 

mctm**y vwmm^m*). jwaa»2©ssuR^ja 
s 2 ©sffttW^a?n¥©^jM 0 , iiusbs 2 ©$Kttw§§a 

f7^7^b?ait) micm£L&fSL> ^y'y^mt <omm 
mmmws-m^-ox^w^y -ya.w.^m% mib 

H 2 ©/vy MIBS 2 ©SPft!3W^affi^S<i; 

D ^ "V S/ a ffitC/N -y i/ a. M»*Sfi b T t# feZl* 

>y i/ jl * L , tu IBS 2 © SSffiE^ttftP^© 

-/^BU^&tf H 0 f UffliaS, 2 ©SfffiW^aiP 

¥a«fc D f#fc^!3^-y ^>a«, SuIBIS^JHtfSt^SJ; 0 f# 

^IS^^'T^f #§ffiSiJ?©S*££^iE?*ttftn L, SBE 
^-yhi: LTniJaB^^-f'Ty h5-micmz>Z. tZW® 
t?Z>mMm2 2lCfB«©ISiiE^XxA 0 
[BS*« 2 5 ] igSE^ -y h %«ff -f « KS*- 

tulBI?,iE-9— ^^IS^If>K9 L '7-y h*S*L, MfB 
igpT-9— ^#©{c^fiE^^ . y h©fijffllgpI*^T5^ 

KIE-9— A^IS^ 5> v "7^ T y V ^Sfc, 3B3E-9— 
S i: 9 5 -f 7 > h #13 i: SlKffilf $ Sfcp/f S©^ 

fiJfflSwr***. |gW-^¥©©^1f^©S#{cW 
lt> ^7^7yh«, tuIBISilf-^-y h©^ffl0 

$B(cMIB3r^©^nrjMSIW* n - k 0SfiLfcg|»^m* 
n msm&m m t <D-nzmmr zct t-?%

h#«H\ itufEggSE^-y h&EgW-^&fc^LT 

ffifcMiBmso^niMsiiL* n - k mm l^sssisjii*: 
fe^nmm*; n - k 0^L/c$s?*£iiifcs#r-r3 c 

[M*i> f { 2 7 ] mUUMV->^®t.f)\ WM.fr v b 

mtm.hnm&zm^'&n^wm.n^: n + 1 mssL 

jUS^ 1 lalSteLfcillSi^m^MIB^Ifffii: LT, cn 

2 5 HZfclt 2 6 (C|B«o©I^Il73r£o 
[tSsRS 2 8 ] IfMfiE^-/ l^liEf-^ >y h 

ESSE -9— / s «Rf LT a— tF&SEISSH i: fwfE 
SU& t i/>THulB^SEffi^1t$g^ 5 HuffiffiiMSURfc 
iSS»U BtffB^aEfflgL^^MIB^ifffitLT, c*Uc 

2 5 Sfcte 2 6 [CfB«c(DEfJjE77?£c, 



[MsR^s 2 9 ] mmn 1^524 © v-rn*^cta<s© 
i?iiE ^xt- a t^t^ n* i!iii7j?£ * a 1**11 2 5 

a^n^7AIE^«l*c 
[0 0 0 1 ] 

^-9--r ym.nmM--nwkxsmm.iy x -f a ic m # 

[0 0 0 2] 

tsis^wrscit^stKL, ^m^r^-bx^fT^t>ti 

BftHS-T^^ffi^it Lift /U7- KAWciStO 

ai73 ffiA^yffl * n« <t a * o t*/c 0 c o «t a & > 

^Vl/^-r^^-^SycOgfiE^ffi^LTa, f?ijx.(i\ Ker 
b e r o s KSE^X-rAT/fl^SnS T T P (Trusted 
Third-party Protocol) liStC^l^tlTV^c 

[0003] ^*«->>^^-^>^>^«ii;e 
&<Disy7>WJy*ym<DMU?;&<oM.^**-tM& 

>X|t'fe5o 02 3^02 4(C*3t^T, 81{i3— *f 

j y $ 7 x -x^o ^ 7" y b ^fst, mt=L— tf m 
[0004] ?7^Tybmmt%m*T-/^m2t 

I D ^EgSE^If IB tLttfe%-3 fc&iiEgJfcAuthen 
ticate Request801^r^ vi'T'V b^mi^mU^—^ 
^micm 0 > C ttfcM S¥©82 ^X "7- 

^•^/cISfiEJS^Authorize Request802^1SfiE7 L ^' y hTi 
cket803t t&lcm^m-to 

[0005] ^^^ryb^-^mtM^i^—^ 

¥©83 ©^Jfflt^Bl¥]lifC *3V (4, ^ 5 -f 7 y b #a 
fctgRTSsRAuthorize RequestStM&SStiE^ >y Micket

805 1 tt>icw*sy-'^m3icmt). ctiicMLtm 

■y-— / ^#|S83(i ISESsRAu thor i ze Reques t804 fC *5 1 1 £ 
jSKSDHHfcKK^y Micket805i:^ffiLT, lEla 
IS fcntf &nfiI»JResul t806*iSS 0 jg-T fc ©"P* § o 
[0 0 0 6] J^±<D£5ft7°n h 3/1/^— ^Xfcjfo 

^CMtJ#tCO^T[2|2 5£#MLft*SP>f#B£-f £ 0 0 2 

^-T^ftl^o-y ^0-?&3„ 02 51:^1!., 81 fin. 
-^Vy£7i-X££pO^'5-"l'7 7 >h#©, 82«n- 

«f asE%ff * 5 83« r t^xmmzm 

[0007] v^^Tyyms&ut, ^-tHom^m* 

[0 0 0 8] Zfc. XEMV-/^mmi, ^-^©as 

nrc.mm.rn mmm&m-x t , a.— »r ^mji^c 
^-mtt^ft-rz-tvisayMZim^mzit, ax 7 

^mm-it, *.visayM?km^xfflm.?-'rv b*$% 

[0 0 0 9] Sfc, KrW— /<#&83& x-^CDjJSS 
^3t&H^£332^ mmfrv F^t5^7 

^#®83i muL^y h<omim*m.%ffi3i5nr 

•y h*f%¥"J£¥I8832i:, KSESf*SEWtt¥S*«^ffr 

f ijj£*fr ft o 1 , kse*-^ -y 

[0 0 10] PA±<D£olCffil£-$nrcm&<D>'><!f)VV- 

^yi-ymmm^mc&^x, vxYtvmma^x 

S I D tffo.— ifAfjWOt LXAJj^&SUlcAtlZtl 
5 (ST3101, ST8101)o A±)¥S81H±, 



l^fflLTf^ry hG5&¥MS314KjM3„ f-^-'y WSJt 
¥®314«, ^-y < ?KSiJ?3i0i{c*HSTS^SE^'7-'y h 

-f-^^LT (ST310Z), *^§SiIftl3102 

*«iaa^S3i5fcss 0 «LaaiR^S3i5{i, 
siisi3io2*^L^^-r±i-a-fc«, a.— yistiEsaaeK 

t±, ?uffl^nr¥J«e«ja*P8io2^Mia^'!r^ 

314, «miH'B^©316&tJ ;, iiEHi!'r»$gHf^g814tC^5 
(ST3 1 03) o 

[ooi i] mzxttmmm, ^-^mmsamm 

OjMg:fi#IS31 1 5r/T L TE?,liES5t<Authent i cate Reques 
t801i:LTSIE-9-— s^m82lcm*) (ST8102) , 

[0 0 12] a^aiE^--^#IS82tC*5t^Tti, gffiS*Au 
thenticate Request801«^ 2 ©jlSfI^IS321-C s Sfl^ 

mif^'rv hBg##©823f<:Se)tl, ■^-/^ISgiJ : ?8202 
flif^ry MJfW¥&823k:3Me>fi.3 (S T 8 2 0 1 ) 0 
SffiWfB»a¥S323fi, 3— 9*SRgiJ?8201tC*ffSf« 
MX7-F^iLT (ST8202) , *T»)0«dK 
[4/^X7- K8203^-tr<yiya >llBf#¥ia822(CjM0> 
^^S«ii»]8204^-b >y ^> 3 y|t£^f3821&tf-fe -y 
^> 3 ^HBt^#©822{CiM§ (ST8203) . -fe-y 5/ 
3 >«£fi!£#S821{±, ^^«iffi»]8204^Tj t) ^^t" 
«-&fC, «TfctC^>^AftH2-y^3 >H8205*^LT 
t'r>a >IIB(f n^mumS^ v b Bg ^¥©823};:^ 

& (ST 8 2 0 4) o ■fe-v>3^jiHg##S822«, ^ 
^$g*a»18204*^ <0 *7jk?m&l^ -fe «y 1/ a >g|8205 
K8203*fflV>TBg^bLfcBg^k-tr-y i/a > 
H8206^3EfiScL (ST 8 2 0 5) , C ft*m 2 OjMSfS 
¥®Q>lV£ft LTSStBS^Authent icate Response802 i: 

LT^^-f Tyvmm\cmz> (ST8207) „ 
its#^K322a, m&mmm\m\,T$s<o s ^nm^ 

SOX ^^AX^>7°3212^^^r-y hBg^|8823tC« 
*&LTV3. ^^-y hBg^¥S823ti, rt^tcfSffb^ 
-^fiSiJ?8202(C^L^-9--^«aSl^ffl^T, 
■*f»B"J J ?8201 hVr—> ^ligiJ?8202 i: ^ A X ^ > 7^3212 
t-b-yzsa >it8205 ^Bf^ft L TzMM.^ v b 7 s - * 
8207^r^fiSc L (ST8202, ST8206) . £ tl^r 
m 2 ©5MSffi^S321«r^LTKIE^-5r >y Micket803fc 
LX^^^T>b^mSUcm?> (ST 8 2 0 7) „ 

[0013] ^^r^h^Sflifcfc^-ai, istiE^ 

Authenticate Response802«H 1 c0j^Sfa¥IS311^:/)- 
LTBg^t-b -y 5/ 3 yms\06t LT-tr «y ~> 3 >gt«^ 
IS812tCjMSn. KBE^-y Micket803«H 1 ©^§{1 

mm\*frLxmM.?-'Tv bf-^smt Lxm^ 
y-y h«*S¥S314fcHI?.nS (ST8 1 03) 0 tOlB
M*^K314«|SE^-y h-r— ^8108*"9— 
/^gimiOlfcWJfS-itltTfiS^f-rS (ST 3 1 1 2) = 
•b >y ~> 3 vmm^miZtt, Bg^fb-b >y -> a >g|8106 
^;U7- F8105^ffl^T«^b-Ti> (ST 8 1 0 
4) „ fcT, iEUvU7- K3yX*«tlfc«^KO 
»iELV>-fe>y^3 fc**l?#5o -b-y^a > 

»8»¥S812T?W5nfc-fe -y -> a ^»8107fi«mffi« 

#©3 1 6 tc m e nsBH 2 n s . 

[0 0 14] 4$& : fB'|jtt#J£316«, -t-y^a y®8107^ 
&f££ K 1 5« L T BBS <D 7* * -b X ^ 5 © T 

(ST8105), mmwM^m&mmmio2tf5-x.z> 

ftfc*^*:, IB1i Lfc-b-yv' a >«8109*SEWW ffiBg^f 
¥©814fc:£5o ffiWH-B#^I2813«, IiaBtgiJ^ItBtL 
TfcD, il&BfgiJtcS^X ^^AX^>7°811O^II0^'tf 

its fflmm^m&mwmmtf5-z.zti?>t, 3.— r 

,l)j'J : ?8104 t: ? -T AX * ^ 7°81 10 £ £r-b -y ~> a ^118109 
*fflV^THg^bb/£|?«*iE0^»fg8111%^L (S 
T 8 1 0 6) , Ctl^rSB 1 ©iMSii^311^LTil 
nJgsRAuthorize Request804i: LTMT5T+>"— S83tC 
m% (S T 8 1 0 7) „ IwE^-y h###©314«\ 

=F3101icW&tZQi& L ftiBI^ y h £ 81 12*, 
fg 1 cOjM^{H#©311*/l-LTl?JiE^^'y Micket805£: 
LTagnJI*-— y^-IS83fCjM3 (S T 8 1 0 7) o 
[0 0 15] ISnJ-9--/^ia83^*3V^T«, SrISsRAu 
thorizc Request804{ii53 cO^§{g#©331^LT^ 
WS^HiEB/tli ^8308 i: L TttEfllf fflf$BSt#¥&833fi:i£ 5 
fU Hicket805filB3O5iSS<g¥©331i&i> 
UTMSE^'y b-r-£8301 i:LT? : -/--y MI#¥S83 
UcaSSn* (S T 8 3 0 1 ) o f-^y MS9¥©831 

a, t»^>y h^-^ssoi^rrtgp^^Lfcg-y— a 
nmm^m i^t& %<t l wen /c a— y »bu? 8302 

i: -9—/ SftJgiJ? 8303 1 Z 4 A X £ >7"8304 fc^'yh 
UJi£ ¥©832£ig t> , -b -y > a >H8305*EEf«t»« 
«^¥©833{CSS (S T 8 3 0 2) „ iSnJfW¥IS332 
fi, Ij!ftB#£iJ£ftl$LT*5'K JSft«fi!l««8306*f-y 

■y h Mwn^mmiimmm%mm\^mm^'Sk 

f&LTt^„ ^y-y h^?MiJ^¥IS832«, 9— >%m\ 

^8303 i: gptcMf Lfc^~j mm? t <D-m*lfe* 
ftteo tt&ic, ?^w?y 7°8304 1 m&RMmsm 
wh(ommi£<r>mimm(omm\Hx°3bz> ct*?-± -y 

y-y h^L-^ligiJ^8307i: bTlSnTF,9^#©835(C^§ 

( S T 3 3 0 6 , ST3307) o HW1f $8**f 
833«, Ef«^liEH^ffiffi8308*-b-y~>3 >®8305&ffl 

^Ttt^kLT, !#p.nrcn.-^i®Bij?8309i:^i'Ax 

^>7 9 8310i:%iEB^'tffBW5aW^IS834tc31?» (ST 
8 3 0 3) o KSE»f*liEW1ffgti^v-rr^h¥®7?-b 



-y iya >H*fflV>TBg^{t^ nTV>S<DT\ ^7-Y7> 
h#STIEL^-b y i/ a >»^fflv6nfcJi^f«:©^ 

c c: tie l if ssgij? £ * ■< a x # > -? t *m 5 n 

3o IIH^tflSW?i)W^¥©834«, ^^AX^V^SSIO 
t^«fgiJ1f^8306i:<DM^m^©^M<?)IEHF*3'r* 
SCtWxyi' LT, MT'&Zm&lC^— »f»SlJ?83 
09*EBj|ZL-+f 1 iigiJ?8311 1 LT^!nrfia^¥S835fc2S 
§ (ST8304, ST830 5) „ ISbI^-&¥IS835 
fi, ^^-y ho.— «f^giI?8307i:liEW^.-^S'm3ll 
i:cD-g(W^R^^ (ST8306) , 
fflBnra»I8312*x II 3 ©3S£fI¥®331*/f LTSnT 
51ft]Result806t LT^^^T>h¥iS8HCjM*3 (S T 
8 3 0 7, S T 3 3 1 7) , ^^^T> h^SUOS^ 

TSfi$n-s (st3 1 1 8) „ iiofcf, -mmw 

Mtrs-Dfcm^ z.—vm&tfi'f KXZyftftrt. 

[0 0 16] 

fflLT^oD, # tc fijffl is nrsaao tf ^ 5 ^ 7 > h fiij 
«^§y«fB**^x-?- h x * >^ «t 3 ^itssaiMi^ 

[0 0 17] $fc, ±1B^*<0«^T«, lOOlSffi^ 
l/^gRSfcWLT^fc 

[0018] c5 Lfc^3R©iia*»i*-r« 

y^y^^^BE^ffiR^MIEiyX^A^aWrS C fc* 
[0 0 19] 

LMfME^-y h ^Ba^LTfiJffllSoIT^KW-^ 
^SfcKtt, HuIBIEIif-^'y Mi, hWm&tm 

^mn tmthmmtmmmtv-j mm? t *^*b 

E?^##^nrct>©TSt), tijfBF.^ffi$S«, tufESS 
0, ft3Se^liE^>v hvmmmt&tfik (kten^TcDIE
[0 0 2 0] CfUCiD, ^^-rZVMlJT-ODBt^II 

ymtDmMft'&Rmzm ^xfi <=> n # 0 
[002 1] ^2tc Mmm.u-y-—/^f$ti±. =L-*rm 

[0022] cntc^O, ±sBS!jiftfC)!)P^T, a— 9^ 

s&o-'asa ^x^a*^ £ ft&o 
[0023] m3tc mib^se-9— Mfgtt, jL—*rm 

nzftz mmmmn s c t t l tv >s , 

[0 0 2 4] CtttCfct), ±8BSS&*f<:ipAT, tSmE^-^r 
-y h tcfYS txSFSmPiWrz.-- ^ffiE#£Si:&W1&i; * 

[0 0 2 5] 35 4 te, mEffi>g.<D^ujmmWtf-J5fa1i 

[0 0 2 6] CfttcfcD, ±m%}mctm%.T, 25^7 

[0027] m 5 ic, mmmm.T-'r - y e- &&ftmmm=? 

tijfEISKE^^ -y h <DJ$"a , 1ffB i: W^IaliK fc 0 B# % 

mm$. mimmmmcms&mfeo^njmmn* n - k 

iritis *#»i:Ln^„ 
[0 0 2 8] £tllc£K). ±B2?A*tcinx.T, tgliE^ 



Hff * ft 5 fc i&WSKtfUJEfc felt 5 W#J»3PB£- «k 0 JS < K 

ft%>„ 

[0029] m&iz, mzf^^ryhmm, mm 

MIBIfJiE-9--A^gti, tijIBISIiE^^-y Y^m^t^t 
^r-y hcDffi^^rS:^TMSEgliE^^-y hgil¥ISfcMlB 

[0030] cntcJ;D, ±8B^*JcAnx.T, iUffi^^ 
>y ^* >! Mif^n^l/^>X'rA^cfcl,^T, ISSE^-y h^r 

SET? j* St/^liE ->XfA 5> ti § o 

[0031] ifmc mm^^^ryY^mt. mtm 

b £ £ t Ctl^Tjk L T^iJffltS nl^5f<46 § fe © Trfe D , 

taiaisiiE^^ - y h %m^^ ££& imimmzm 

iU buSB^rI-9— nflSBilSIE^-y h^rM«? 
f Sfc4:t.fcM»f«ffi*3B*U HulBI2iiE^<y b<DM 

Tik^immmm^ -y h osiff#^ij?A^-r^3B 
>rv b<DmM*M£u mmmmv- '^mzrcimm 

L%^^£%ttm.£ LTl/^c 
[0 0 3 2] iintc^O. ±lB^)*fCi&P^T, ISIiE^^ 
-y htfHSrSft^X-r-tUc&^T, iSaEf-^'y hcDfiJ 

4< T**«, ^>^-9-^>^>^OlS|iE77?SS^iI 
•>Xfi>^#6tl5 0 
[0 0 3 3] 

[0 0 3 4] (^1 (D^Sfi©^fi) fg 1 ©*^»1BC0|S 

X^o^7^7yE?gl i:, a— 9WiE*fT* 5 S 
SE^-/^IS2t, *7^7yh#gior^-bx«i 

§ 0 zvJTw^m.uc^ \wmm^y^^- 
J»^li$ga&i*> xv-h7i^i:WPt, is 
[0 0 3 5] t^-iyy hm^l^r— ^¥©3 k

<Dfl8 » 1: (i J&HBEfi* y h V - * fc <fc 0 n 

fLfe!ffl*7 hV-^T'g^tlTt^ft^, «5ffi* 
i64^MLTl^M^«« £ <D*Bffifflf$fi 4 kLT 

6 ^ p> g m ? n s it s ffi * h ffl v ^ e> n § 0 

[0036] * v-f 7" > h 1 (4> f UfflK Br#«Bl?ffl 

n m ( n mmifr v h ©wasnisso -> msmzm 

WmiF.hJ! k % g W k L Tttin;* ns to?, y< -y -fe-^ 
[0037] * 5 -r r y v mst i t w-^a 3 k 

W* 4 (C^oJffiSit^: f £ n - k lei ( k a^fiE^ >yh<D 

mmvM^mx*<D&m®$o ffft o rc*g**si^i8?B 6 
t Lrm^Zo ^mmn f ^^hs^^^^ 

*B6 tiHffflltSM £*ge>ftv^H#lc«:JJ-S-r3 c k* ? 
■P t % V 46, c ©Jl^lffB 6 J; D SfffilW $g 4 % 

frfcfrnTVS rob. c ©fl^tiPS 6 5%0£a*ftMR 

[0038] ^^-rr>h¥mi c©ffi^w«6 

«^FLTV>fcK:aEf-y-<y h 7 k kfcfdKW-^¥ 

is 3 teas??, M#a3tt, ssffi-?-^ 

f £ k Wftftofc&WggffiE^ 7h7 flg^ffif* 
nDifc] 8 Dig-To 

[0 0 3 9] t), ^7^7yhfSllii 

k ft < , n@l TlSEf-'y- -y h 7 ^filffl L TfiJfflffiRl* 

[0 0 4 0] CO^^tC, **SSOJg«i<D^E>'XT-^ 
54, *ra&IH»tfn (n«IESE») TfeSEMEf-^'y 

t m& l xmmm^-r s wmv-^®. t *mm l t v> 

[0 0 4 1 ] tuHBl?>liE^y-y Mcfi, fig^fflflBOffifc, 
^-5ry hffigij^ SailSC, ^tBB#, ^"-^^J^ft 



offiffldl^^k (k«nWTOiES»[) T-ab§k^, bu 
l3Sffi1t?Btc3f3£O^RriMaSI¥* n - k 0*LfcflH8T? 

[0 0 4 2] L/c^tfiScfCckD, ^^-rr^hfiijTO 

Hg#«ia!*^s t mm** -y h <D\m 

■9- v ^- ymvmwi Rt?^aE ->xfA^i5n5„ 
[0043] cm 2 <omm<D&m) m 2 oymmmow, 

[0 0 4 4] ComM.^ Xv-L.lt s 02^fJ;-5{c> 
® 1 1 0 r ^ -feXttPS^f W b T^iJfflE^nJ^fTft d ISW 

-/^¥I33 tfrztft*), z^-fTyb^-mitmmit- 
mm*--*; bv—iric&omffiztiT^Zo cokbtij— 

/^g3tiSl©Hilgffi (HI) i:|SI-T'*D, $ 

¥13 3 tciMfi-f Sft^WffB&tfffiW^^ 7K 5 5> teas 
/ 3 frS f 5 W 7 > h ¥131 1 t) n § 

i^oia*p8 fco^rfe, m 1 ©^ste^ffi (ei 1 ) kini- 

[0 0 4 5] C£D|SgiEi/X-rAcD^-7-Yr> h^Slli: 
ISE^- /^SlZfctt, a-f^yy7x-X^/TLT 

A^^nrc/^xv- KPwt^;aEit-/^Ki2«fc ott?rc 
a^tR t<DmmK^mmn f * 1 0fTft^fc$s*^if$ 
mmmt LTMt^o ^btm^^c f ^3t»g±ft5p 

c©^mf^si4«^x7-FPw^*n?.ft^mH^ic« 

ff»-T5Ci:^T^ftv>„ 

[0046] t^^Tyy^m\hmm*r--^msa2h 
<D=L-if%mmmic ^ v r « , ^ai 2^sl» 

f * 1 iHiffft o rawBit fgi4^»m l, c ©arnit 

milcX ZlcTvJ&WiW f *n® (Iln+lHl, nit 
mm^-y tTftofc^S^ISIiE^WfB 
13k LT^SE^-^^mi2lCjM5c 
[0 0 4 7] CftlCttLs mm?— ^^g§12{4, igSEffi 
^1»|gl3^6WffiW«l4«<-acLT^aci:*«8B^* 
k , 3ffiffifflf«14fc3FpriS*iS» f « n Hff ft o Tc^S^M 
z'A,m± t m^mmm* s m t Lxittmznz t> <d

X\ ^ -y-tr-vMn- F-f-ri^l/S^S: Emmx 

[0048] %rc, f7^T>hm&nttmv-'^ 
S3 i;ofijfflfsnj^jiiic*5^T«, ^-^rvF^isii 
tfwmm mu^ymmm f^n-k@ ( k imm^*r 

•y F©#JfflKRp£JllT?©tefBii|») R&o fo*SJil£:i^ 
tt i: ISI^Oft $ ^ > ^" Att^rJt o T l ^ PI D , lO 

n^ttis 6 «*gfgfiif si 4££n 5 * i/ imwr 3 

C i: T* # & V >fc C © Sl^1f ffi 6 fc«t 0 «f ffiffi* 1 4 
*%}%JEm%^~-*fX3o%z ttf^-ZtiZ,* *fcs i§* 

^<tT^t3tlTV^/c46> C©»jSflH8 6 

[0049] t^-fryb^mii*. ccom^mme 

IS 3 fc)M 0 , c fttc*f LEBfv- ^¥18 3 teggllf-^ -y 

f 7 tf-a&mK^iDmi t , jm^wiih e tc^wriMig» f 

-Sif SCi ©SSuiS i: 3:fT% ot, lE^i: agi6fti£fgpj 
ffl»]8£:SMfJ}g-f 0 

[0050] co^ffiic^D, ^^-rryb^mmm 

ttflMfiUfv**?— F P W*|f>BJ-9--/^S 3 *^46fc 
Wfrf C t £ < , n m S T^,iif.-7-^ 7b7^ffi 
ffl L T fij ffl IS BJ % % % £ t ft X t £ o 
[0 0 51] C<D&51C, &mM(DBM(DMmi'X9-I* 

*£/£ Ls c n*^ l r * 5 y r > f ¥Sk sKje^w 
mm t Am t <Dm&\zm'Ai<D^wmm* 1 ®&l±m l 

[0052] L9 Lfc«figfc j: t), si i (omsmmtom 
[0053] cm 3 nnrnmrn) m 3 (Dmrnnmrnz 

II^xf-ATli, HStc^TJ:?^ ^7Y7yhfg 

21 tc j: -a T^sit^nrcKaifflaa^iffiffiif ig24 £ lt * 

5 f 7 > F mn 1 i: > ^¥©22 1 © fl"eft# * ft 

^>o 

[0 0 5 4] oOiyX^AT'iJ, 3.— <f^SE#)«{Ct5V> 

7 -c r y h mn 1 (c sgSESisif s o » 5 r 



t^^^TyY #&2ltflH£Xlc ^i?5c L fe^ffifflf $824 i: 

#©22lCjg5 0 H3(CfeV^T, ta^ r@j ti^ftfiw^a 
ft (EXOR) iaJS*^LT(/-«5o 
[0 0 5 5] ilfttc^tL, MMV~>^®Z2\,Z, BEffi 
^«$B23i:/^X7- K P W i: SLiSc R tj6^iMi¥LTffiffi 
'If|g25**i6§ 0 fit, d<D^aB1f^25(C^plJfiSI» 

ISSE^ *fvHjn L feBSE^-Jr y h 5 * ^ 7" > h ¥©21 

fcjMos-To ^^-rr>h¥S2i«, cft^fijfflKW 

Hi T'ffl I > § tz 46 tcMf -r o 
[0 0 5 6] ^43, La- if 2>^lE;&^H#TBtEJf 
^tf fS23^® a tcfF 6 ft fc t, <Dt£ 1 1 till, 

f- ¥S21 T'BBE^-t- <y h 5 * A¥~T 5 CtWttt, 
■9--/^mSII^ftfg23A^^X7- F P WtilWLR t 

*m v mm l fc^mw f g25 « ^ ^ ^ z > h ¥S2 1 k u 

[0 0 5 7] 5"7-<(TyY^m\tfmy-—>^Wt.3 t 

mmuc^niMffim t * n - k m c k aggiE^ >y f» 
$g6«$gfeiff?824*ftie^:v^m'H#{c«a+®-r§ 

"P#*V^c46, C<D*^1SIH6fCj;»)^{H!B1S$fi24*»l« 

[0 0 5 8] ^^^r>F¥IS2Hi, CCO»r3$S6 
l/T^ft«Efyf h 7 i: i: ^¥ 
S 3 tc3M 0 , c ft{c^Lggnj-9--^¥IS 3 tiaSffi^ -y 
F 7 tf<3tsWm? co^SE i: , ii^Wffi 6 K^TjaWH f 
*klQlff^ofc*S*A^iaE^'y-y F 7 *^t?M^1f $S{e 

-gjr § d i: <Dwm t ziite -d x . jEmtm&mmBi 
8 *m o jm-To 

[0 0 5 9] C©73?£tcj;D, <7^^7>'F¥a2ni, 
»tSIS24^/^X7- F P W*BBT-9--/^a 3 £r^46 
fcS=*k:W^ , r«:fc%<, n[e]^TlSiiE^^-y h 7* 

[0 0 6 0] #|^cDm^lSliEi/XT-A 

3r£fijcU Cft^r^LT^^-f'r^F^IStCESIiEjf^tf 

$g) t©s^w^afp?s»ig*T^D. c©«rt$g 
<5o

[0 0 6 1] c?Lfc*/*f<:«fc!K SHE^y haWr 

[0062] cm 4 nmmmzmd m 4 (Dnmmm-e 
m^Mtzn*m'ij-?z&^®L<D7n -y zmmc-o^x 

[0 0 6 3] 0 4&, cOv'XfATOT'ahnM/TK 
TS(K I ~)J t4«K*fflV^=^E?Ss#SI»*SLT 

[0064] ^^^T>h^m3itmm--^^mzt 

KgiJ^U I ^WSU^S I DfcfcfcfefcofcKIE 

^Authenticate RequestSOl^UfflE^— ^#l§32tCj£ 
5„ C©B#, fgfiEl^Authenticate Request30l7^«g|jE 

[0 0 6 5] CtXtC*fLT, l^fiE-9--/^IS32«, flE@ 
§ «fc 9 tc^sic^ nfcSLSSc R 0 * h fe ^ o fclSE^ * 
v^Chal lenge302^jM t> S^o C ^"y^T 
>F¥©3U±, a-f^y^7i-X^LUA?tl 
ft/ ^X 7 - F P W i: a» R 0 t vmmctt LTn+lg 
©/ n >y 2/ a. mW H L £ fc * o fc^SE^* U 

>i/JtS^Response303^jH 0 JM U CtUc^f LiStiE+f— 
M¥IS32li, f--^ U>yjS^Response303^*3tt?> n + 
1 K^vy i Zft&irc n + i W^y *ya. 

fSltWAx^yyT s ob-V—'mw&s i Dt 
Kffi-9--^32S#*^-r%ff#WB'J : f I I Dttttt>& 

to ^^-fr>b^mnt. cnzmmmmuxm^ 

[0 0 6 6] Sfe, ^7^T>h¥fS31i:aSpJD— 
®33h£DflJffl!SWJ#)litc*3^T^, ^^rvF^gSl 
ftW.nTSsRAuthorize Requests. tfl^fiEf-^ >y FTicket3 
05^ISBj+^-^¥IS33^iM5o <1©H$, KRlS^Author 
ize Request*^— <f^SU^U ID££:&%5&©£:L 
Tfe<fcV\, CftfcftLT, fgoJ-9--^K33«, £©|g 

SE^-y >y h (Dmrnrnmcm-j <ffik^i:&%^ fci^pjf- 

■V l^>^Challenge306£j£t>ig-fo Ctl^iftz^^^ 



T>b¥-mUZ, KPWtaSR 0 tOl^C 

t%-3 fcMal^ ^JtSS:Response307^jM 0 „ 
[0067] C ©zn <y ^ MS H 7a fttt 

t^cDS^RCf7>^Att«:jfoTV>§ffif?. C©/n 
•y i/ a iI^I(i^X7 — K P W&tf R 0 P> & 

3.ia»«S*fc: J: F* P WfcfclSIElifc:!— 9"? 

fc^CtA^nSo ii£k:£fr©{£3(ii:zvy 
a 'MW H <D®t.WLtfi& < ?T& nT 5 fc *6> 
a y i/ a ^»^«rtt»-r £ C t 

A7'>agSHt LTJi, f?iJ^.ffMD 5-^S H A^ii'cD 

[0 0 6 8] CfUC*tLT, ignJ^-/^S32(±, E^nJ 

\yy ^jS^ResponseSOTfCfctt?. n - k + 1 ©/\>y 
^> n MK^Stc ^ e> fc k |g©/N >y ^> a mnttffi L fc^S 
fc^IiE^-y -y F Ticket &C*5tt 3 n + 1 g^'y 
St*Jt«c^SEL, -ScrnffiESi:S4&TKnIji»JRe 
sult308^MD3Mt- o ^«MD308;»HlgpJfC 

i t> r <7 -fe x ^fp wr $ n rc « $ g i n f o it m b# f c 1 1 * 3 1, 

[0 0 6 9] W±©J;9a7°P hnyVv—^rVXtCj; 

0, f^-fyy F¥@3i«/^xy- kpw*8bt^ 

[0 0 7 0] J: 5 47*n h 3;l/i/-^yx*»o» 
ruEi/X^A©^{CO(,^Tig 5 «if7"n -y 

[007 1] 05&c:fci/Vc\ sm^L-^^y^y x—7. 
ttm-Dt^-fyyb^-m, 32«n— tfaaff^ffft^BK 

33«T^-bX«8|51*¥iJ»fLTfiJffl^Rr*f7 

[0 0 7 2] 9?'f7>b&mil&. x— £©8S»I!* 
fT^^mi ©agSffi¥S3iii:, a.— tf*^©AX7^» 
* A7j¥IS31 2 i: , 2 O© A;>J«*S L T/n -y S/ a 
H ^rtT^: 5 / n >y > a ^18313 £ , SfS L fc^IIE^ -y h 
^fSSt-§^^-y F«J^¥®314i:, mm^y b<DU 

mmicit cTwmztiamir % mwrnim^ 15 1 , / > 

•v>ail5»lia«*S5?BKfc:a3«-rsi»SBIB«^S3l6 

k> -^^.5>nfcSi!(src«#x.p»nrc2-3©^fi©zi© 
ia^©7 % . y s/ a. ms^it^ a ^ia^ > -y ~> a ¥©3 1 7 1 * 

[0 0 7 3] mi ©jMSM¥S311«, mm^-y h7- 
^ ©fliSfcJS i; xm*. IS L A N A— F3I© L A N 4 y 9 

7i-Xgf, €fAfOSg4'>^7x-Xm SI 
^•r-^afi^-F-f'P I AF S#-F3?©fcM8f V* 
7x-X8E I rDA€i'*a-;l/f©Mi^y$7 

x-xmw&fxffii&zft, aMffi^fcjcsuTcns© 
^<o^»^tt«M^LttJ;^o Ayi¥©312
14, #|;U4*¥— *-F\ fV^-fO^A^jSi, -7 

> ?'fv W x-f>a#i# * V^-f i: *^iiiffi i: Offl 

&3W4£ v^/^;l/ft£Tl#fiSc£ft3o 
^ ¥©31 3(4 , 3. ff ifeSIslBS t^-y^^-^WHcOT^ 

ti5„ T^'y FM#¥©314J4, fllAMf^tDBBtfte 

T't§o «ffilB«¥l8316ti, 0!I*{4*I C#-K<E>«fc3 

*jg®%mw\B}ffite£*&])uLzmfiz-ztiz>o ft&\ ± 

ftflMTXn Aieii«f*tciBii U 7°o ^5 AfEIS 

[0 0 7 4] Sfc, i^aE"*- /S¥©3214, 7 ! —$i<Dm& 
fi^tTft 3^2 CD}£§fi¥©321 i: , ilffif^^iJ^ftBtt- 
*KiEiHW«322i:, F^¥oa— «fffi|iEt*ffi 

^*«T § SfiEf!!$gS«¥©323 i: , a— 9*gHSLS« 

is zl ^©325 fc , 2 vy ~> a fli^Jrb^?,S^T S 

1SII!1£¥©326£:, ISIiE^y-y Ff£tT«fc:x^-*ft 
f-^r-y F»B'-£»f S^-y h iffiij? £j£¥©327 
k, BK^-Jry Ffcttrs&3I?*£#LTttairrsK 
SE? W*n¥©328 i: 5:08* T i^3 0 
[0 0 7 5] lg2 0^SfB¥S32HJ;, il«*>y 
£ <Dffi8ifC IS D T0U*.(4* LAN*— F^D LAN^V^ 

7i-xSl, ^-5v-;V7^fdl SDN-l'V* 
7i-XgSf, ^T*A1?<D'«ISf >^7i-Xg«, & 
ff-?II*- F^PI AFSA- FfOlI^ y $ 

7i-xgf s i r d k^-y^—^miD^m^y^y 

i-Xglftt'TMSnS. ISSEH-R#¥©322f4, fiaj 
* * ^ v * ? > * tfteffl £ ft 5 0 KffittWBf ¥®32 

fc3^{i*««/^X*T r -*{l:-r3giftg« 
&if«?n5o Sg2cD^©/vy:yi¥©325t4, M 
x. &4V n >y %/ a M» HC7;WU XA A,7£iftJI HI 

ss tc m 7^ * x >r - k / %v * t z mm* mm * ts ? y f ? 
&inv>9i*z *iiira l t«js 5 n § o sies^¥©32 

6(4, (M*tmKlHlKT*«lfi!t*n«o f~y--y hWBijyS- 
$¥©327(4, M*fc»E^aifry h&Zftr>rz*?>9 



T^FdfD XA^ffi^^^iRJSClHiK&tf^ * U 

[0 0 7 6] gcfc, /^S33(4, ^-^©SSS 

ff^ff % 5^3 cDSSfS¥IS331 i: , ijtffi0#£iJ£itB£-f 

y-y b(D^y hm$i : ?tm%im%.tmt)mmvim®m 

/ vy -> a iB* H fcfTft 3 ^ 3 © ^IS^ > >y ^ a ¥® 33 
6 1 , 2O0^gA7ya fit* JtKSa^-T 5 KnTfiR^ 
i8337£::&fim*.Tl^5o 

[0 0 7 7] m 3 <0SiSM#S33i{i, mm*v hv- 
5 OffllSiCjS CT0IJ^(f L A N *- h'm<D L A N Y > 2 

7i-xm t-rA^?co«ig-r>^7x-xgi«, m 
m^r-zmmjj- KJppiAFs*- K*©*i»-r>* 

7x-Xgf, I rDA€v>a-)l/?j0^i^y?7 
i-X8I5ift'MSn5o |gnJftB#¥©332t4, 0>J 

^. i£ z << v * t> y z t>mm $ n s o §gSE? «aE¥S333 

><^'J|£!lI^T«$ft§o f-^r-y hfiWJ'/if¥S334 
14, mffJ£«@K0ffi£-efC«fcD«$Sft5 o ^^"'^ 

f f uffl«a¥®335 fu/u @»*w-»-r s mnwm t 
±mm<D * ^ y wxt offi^tc * d ft 5 „ 

35 3 <£> ^ig; vy a. ¥©336 14 , fi»J * 14*35 2©M^7 

^> rt ¥©325 1 mmoiffinm&T* t> V > $ <D X U -t «y F 

fifi*5^i6tCDT-^fiSt$ft^o E?,nJ{l^-¥©337f4, ffil*. 
{fJ:b«0£ST«$ft?»o ftfc, ±HE#¥©*V^^D 
n > t° a - ^ £ f c l4jjq,iU 3 y tf a. - ^ ±<D n > b° a - ^ 

3BSffi»{casS U 7n?y Aia^iKf*^ 0 SB t ffl 

[0 0 7 8] JiU:®£5tC«/££ftfcE?JiE?m&mSH 
v-Xf AtcfeV^T, J-XT-f-^Kf^fcov^THI 6 *mML 
ft^SSiWfSo ClilTii. |gfiES5}<Authenticate Req 
uest301^igaE^-7- >y F W^JIhI^ n * i: fe ft 3 i^lCO 

[0 0 7 9] $-r, X^-TTV F¥©3HC43V^>T, 3-- 
+f@#*¥t-3.-+fa(giJ?U I Di:|g|iE-9--^¥©32{C 
* 6 ^ U i6eii * ftrcrr-if ^Bffl^X «7 - H P W t 

mm%m%m%ttM<D*j--/mm?s i D^tsn^^-y 

FOWa&HHRn k*^-+fAy7300i: L,TA7j¥©312{<: 
AlTZtlZ (ST3101, S T 3 1 0 4 ) 0 A?3¥
6g312{4, 3.— tf \Jl300*-f!mn?5 1 1 t>(C+>--/S 
iiBiJ?3101^1XWbTf-y'y HBi$3M8!314fc3M5o 
^•y FM#¥©314«, -9"- ^WgiJ?3iou«:WJES-rsiB 
SE^-7->y hf-^5:MLT (ST3102) « 

*ii»]3io2*j!aaaw#®3i5fcss«o aasa&^ssis 

i#®3i7fc3as»3, ^^^tm^iat (ST 3 1 0 
3) , fiJffl!SpJ¥l«®ifiSft]3l04%Mf5^'y F«#¥ 

S3 1 4 fc amiBti#©3 lGt&mwi/a. m%i nh\cm 
[0080] tui2A^j¥S3i2«. 3.—*fmmmw$Q3 

103tf#*SftSfc, -B#{SJ#LfcOL— tfA7 L 3300^e.fR 
a L/c, n— tfiffiij? fctf- /^gij^^r$j|lli&©*131 
05£gS 1 ©jM^#©311^/r-LT^IiES*Authenticat 
e Request301i: LT^aE^— A¥©32fc:jMt> (S T 3 1 
0 5) , ti®WmiW*&®.>^yi/a.^®3mcm*), 
/U7- F3107^^-y^n.^lS313fc^5o 

[0 0 8 1] /^#|g32tCj3V">T«, 3gSE^5l<Au 

thenticate Request301«H 2 ©SS:fl¥S321-CSfl£ 
tl, fxm^nfc^.-+f1iBiJ?3201^gliE'lffg«fI¥®32 
3(CS 5 ^^0^3202^^ 2 <D&W ^^a ¥15325 
S.t>"S3iE?#)!jO¥ia328(c5S 6 tl, -9— /^HiJ?3203^ 

isaE?#*p¥ia328fcjMe)n§ (s t 3 2 0 1 ) „ ise 
mm&wzwaz&z, a— f §bb'J? 3201 t^t/st 3 ^x 
7- f^^lt (s t 3 2 0 2) , ^oom^at 

( S T 3 2 0 3 ) , /U7- F3204£:I5 2 <D&®.^V 
a ¥®325fC>M D , «llRi|iS*jl»]3205*a»*fiK^S324 
&0-1?S 2 ©^|g/ vy ~>a #S325£5£S „ 

[0 0 8 2] SUfc£/*¥K324«\ «H5*g»a»I3205^ 
^»)*^-r»&K, 7*- *SSaffl U>"^3UK3206 
*ff fc (C 5 V ^A L Tfg 2 © £®/ N-y>a ¥©32 

■V U>^Challenge302i: Lt^7^7y F3M831fCjM3 
(ST 3 2 0 4) o g , i2©^S^>y^a¥IS325^, & 
^S*ji*n3205^W 0 fcjSf H-S-fC, ;U7- K3204fc 
7^ U>^a&3206fc©»*gfc:ttL*r8(j|IltS(3202<fc 0 1 
^V^SSSJO/ n -y is a rUS H * o T , n >y 

i/aM3207*KfiEfig^#a326f<:ii£S (S T 3 2 0 
5) c 

[0 0 8 3] CfUC*tLT^9-Y7 r > F¥I831{C*5^T 
14, ESKE^-V U>^Challenge302fi^ 1 ©jM§{f¥®31 

*>a¥IS313&c5M<=,ft£ (S T 3 1 0 6) „ A7~/af 

IS3i3(iAX7- FSK^f-^ u>->'SLiSc3i08i:oa^ 

fCttl-^N^ayftWH^f&^T (ST3107) , 
>y f a ffl3 1 09*«miBia¥©316& tf ^ v 
a ¥S3 1 7 tC 53g S o 1$«ti¥©3 1 6 « ^ -y a ffi3 1 09 



#^0*fF^-r5 (ST3 1 08) 0 ^gAr>a?g 

3i7i4, ^-vmm^mmhmmmtf^z.znx^s 

B$, M <y i/ a 1fi3109(C W$>lel$C3 1 06tCffl S f § StSt©' n 
'y^ag^H^rtf&oT (ST 3 1 09) , fcH<D^I§ 
/N-y^afl3114^r, |g 1 ©SSff ¥Jsg31l£/l-LTlSliE 
?-V U>^JCS^Response303£: LTl!«E+>-— /S3M832JC 
SI, (ST3 1 1 0) „ 
[0 0 8 4] HtUzMLTMMV-'^mzias^X 
14, ISSEt^ b> ^/S^Response303«^ 2 ©Sgft¥ 
1532 1 Tgft 2 ft, ^15' n <y i/ a ffl3208^HXm £ tlTlS 
M^|a326(C5MP>tl§ (S T 3 2 0 6) . MMM& 
¥P£326ii, £®/vy ->aM3207i:^3yvy ~>affi3208 
fc©— »*J^*ffft^ (S T 3 2 0 7) , P,-&*SJR3209 
>y FfKB"J?£fi!i#lg327fCjM3 h fe tc^S/N-y 
a f|t3208^ %(D * $ n -V *S a ^13210 £ L Tl^fiE^ 

^g«327^-g(%^-r^tc, wwsfr*rv vwsm-s 

212«rSfefigLTgSE^/jP#IS328fCjM§ (S T 3 2 0 
8) o 

[0 0 8 5] Ef,ietB#¥S322(i, JiftBtgiJ^ItBt LT 
*30, IIffiH#giJ(ca-^< ^-Y AX^>7°3211^:^aE?^ 
*P#IS328fcmbT^i> 0 KBE : ?^n¥S328{4, t^v" 
•y F WkWf-yi 12 i: ^-IS-' n -y a M3210 i: -f / ^0^3202 
^ -i A X ^ > 7°32 1 1 1 V—f S|f SW3203 1 ISfiED--/ ^32 

: ?^^bT^APLTlSiiE7 : -v--y Fr : -^3213^L (S 
T 3 2 0 9) , m 2 ©JMSfS ¥15321^/1- LXMM^ 
y FTicket304i: lt^7^7y F¥IS3UCjM5 (ST 
3 2 10) o 

[0 0 8 6] cnicWbT^^-rr^F^ISSHCfel/^T 
t±, .ImE^^-y FTicket304«M! 1 ©j^S{3¥S311t?S 
fi£*i, tm^^ry Yf—^ZWOi^^tnXmB^ 

■y F«w#S3i4fC3ase)na (stsi i o 0 nuia^ 

v--y FSRf^iaSH^ISE^^-y F-r-^3110%-9— ^ 
WBlJ^lOlilW^ttTfiajL (ST 3 1 1 2) , fUHJ 
|gnJ¥IW®»Jffla]3104^-^^ ^nfcif-a-tc, gfiE7 L '7- -y 
Fx- ^31 U«S 1 ©SSfI¥IS311*/l-LTESIiEf-v- 
>y FTicket305i: LT^[nIS^<Authorize Requests i: t 
tc|M+)--^¥S33fciM§ (ST 3 1 13) 
WM^^r v Y -r- ^ *^ W8&HSK31 1 2^r5jm b T ^IS^ n 
■y^a¥l§317tCjM§o 

[0087] cntcwuTffiRi'y— ^mmias^x 

t±, l?,IIf-v-'y FTicket305^ri: t^ofclSBJS5t<Autho 
rize Request^ 3 ©jg§fI¥K331T§fB£ft, IS IE 
^7hf-? 3301*^W $ nTESSI? ^liE¥ia333tC 
S?»n§ (ST3301) „ l?»^II¥S333«, IS 
IEt^ <y h t-'- ^3301 ©ISSiE^ t: ISIiE^ ^©x- ^ ffi 
i: (Dm&m*tm LT WISS3304^7^v- >y h W^jf 
¥©3341;:^ tt fete (ST 3 3 0 4) , r—ZgHfr 
^^-fAX^y 73302 1 "9"-/ S!$giJ^3303 k £r^m L T
f-y--y h#?MU^S334tC, ^-y MKglJ^3305 i: ^ 

isy n y y a ii3306 i: mmm^Qi t mi #^sy?3308 <t 

[0 0 8 8] fgpjH+B#^S332«. IlfeB#giJ^|+B#LT 

mm\^mm\c^Lx^ 0 ^>y vmimwt 

S334«x 1*SE!|g*3304#& 0 * L&^-r*§£-{C ( S T 
3 3 0 5) , '9— ^i«8lJ?3303fclWC«#Lfc 
/WJf t€)-g(W^fT^5 t ttlC (ST3 3 0 
2, ST3303) , £^ AX ^> 73302 kljlftBtgOjC 

< ^ -r a x * > 73309 1 <Dmwpft7£.(Dm5mm<Dm. 

lrtt$iStiWx7^LT (ST 3 3 0 6, ST3 

307) % v^-rnt*-efe§±i-a-(c9 i '7--y hw?AM*P33 
io>£^^-y bmmmm^mztticmzc ^<omwm 
«, 3s < tasf a t-tr+a. y T--f ti|pj±-r « afa.— ■ «f fj 

ttitttiffiT U J3 < k 3.-- »ffiJM14«|p)±-r 5 

x a $ nr v ^ v ^n^ffl -> x -r a k Jiffl f § & £> 

[0 0 8 9] L»ii ^r>y hflJfflf5ffl#S335{i^- 
7-y hUXh^eHLTfeO, hW3&51fc]3310tf 
5*.&ftifc»^fc* f-7"<y h^B"J^3305^;rjV>Tf-^r>y 

h yx h^*timLxmz&titztix^&fr*m'<z 

(s t 3 3 o 8) o 1&m?%$><Dtfmfftl£?- / r>y hm 

SU?3305 i: W$«3307 8 0 f "JfflWHElHlIfc ffl 

k Lxmi$hmm307<Dm*?-trv b V X HciiinUE 

(S T 3 3 0 9, S T 3 3 1 0) „ C<DB^ &Wl 
/ vy fn'i3306 1 mi #-l8iB'J?3308£&:b-frT8H1l L T 

S335tt«i»)fiJfflHl^lHl»% 1 «U, WSE(jlHl»i:SOfiJ 
fflRrffi@»i:OgA^-rfUffllil»3311^i& (S T 3 3 
11), cn*S3©^SM^©331*?>bTSW + 
U>yChallenge306k LTi'^Ty h^S31fC^5 1 
kfctC(ST3312K ^3<D£©vvy ^3^8336 
tcfeiM^o ^©/N-y^ifit3306^r^O**^IS/N 
>y 5/affl3312k LT^nrM^S337(CjM5c 
[0 0 9 0] iintC*fLT<7^-i'T>h^iS3nc*3V^T 
ti, ^bJ^-V l^>^Challenge306{±^ 1 cDiMSfi¥©31 

i -pgM * n, fijffl ®mn5t>mfo?£nx%>w^yi/3L 

^mmcmztiS (ST 3 l l 4) o ^St/wi/a.^ 

mmt, mmmn^mmmmiMii^z-ibnx^z 

T (ST3 1 1 5) , /vy i/:xffi3113[C#<%[5]i£3112i: 



fiJJB mi^3 1 1 5 4: OI ffl ^ f 5 n -y ~> a SIS H * 
ftft-oX (ST3 1 1 6) , ^*O^IS^-y^affl3116 

esponse307k LT&fiW- ^¥©33^CjM§ (ST 3 1 1 
7) o 

[0091] s^yis'z.mmutfitft&ikft-jjfa&tm 

>y S/ iffl3116«/^X V— K P W&tfSLSfc R 0 ^^P 6 

iyaffl3H6(ci0^xy- K P W^rftlSiEa^a— tfT* 

/ n V is a fltc felt 5 >y i/affiSH ©SSiC*^ < to 
nTV->Sfci6, ;0#gA7 i/a.fl3116^P.^cD^S/N 
-y isa-mZWrW-rZ ££&X%fj:^CDX\ W^bOiM? 

o of^±K3iT-$.§i:$n, a^j^ssst-esntifBi^ 

[0 0 9 2] cntC*tLTaf-oJ9--/^©33lCfeV^T 
ti, ESnJf- -V l/>v ? iSa : Response307i±5g 3 £>§{i3MS3 
3 1 T'SfS ^ ^® / n -y ^> a f«33 13*^tii £ ftTtg 3 « 
^®^-y^i¥©336lC^&ni. (ST 3 3 1 3) . W, 
3 <D&WLt\y v-i^!S336(i, ^gA'y 2/ift3313tC|lJ 
fflI3»3311fi:ffiS-rSgaRO/NyS/aaWH*ffftr3 
Ts ^lO^gA'y 5yjLfa3314^ggnrgg^#©337 
(S T 3 3 1 4) o ffinrH8-&¥S337{i, ^S/n 
-y ^> j.fifi3312^Zl^^^'y j.ffi3314i:<D— ScW/i£* 
ff^rl/^ (ST3315, ST3316K MX&ZftZ 

mmm%a33i5%, m 3 (Dmsm^mi^frLxtm 

}lftIResult308i; LT ^ T > Y ¥©31{CjM D (S T 

33 1 7) , 7^^r>h¥®3i(cfei/^TS:fn$n?. 

(ST3 1 1 8) „ Z<DjjmiC&9, ??'CT>b^® 
31«^X7- KPW%sSnJ-9--A¥ia33^:#46fiSBH^ 
(cn^-rc: 2:ft< % n0*T'|g|iE^>y h305^i$fflL 

[0 0 9 3] fcti, W±cO^Tii^7^r>h¥®31 

^xmmm^^-m<D tz xsk &w m*tm? 
%Mf8.tLrzb\ mm^y hvwmmc-r^xofm 
<D&®/^is^m%mimmnLxmmm^mmcm 

it§Mi:LTta^ «HEIS«¥©316 

[0 0 9 4] ^tCs 0 5li:jSL;te&4©HfiSJ&J8<DK8SE 

^ffl^/c«^©lf»{^P¥S328&0 : ESIiE?^liE¥l53 
330l¥,ffl^«^JR^K^^O^T, 0 7 RZfm 8 

[0095] mmTWm^mzm, 07{c^-r«ta 
t , n»r>a h ft 3 MUSt*— 2 > n -y ~> a 3MS32

L-cjfo+r- A«a§t£tattt-s^-A±t>iii 

IB«¥©328D i: , ftii»73 ^©B^SQU^Tft 3 Willi 

2T3;«iwa328E t > mm.?*?- z fcaye-r s sbse? 

31)l£3Nfft328F t^IILTl^o 
[0 0 9 6] C<DgiiglJ?IB1t¥©328A{i, flIJAff** 

SgT-#tj£T*£S 0 Wfe?— ^/N-yv'i¥a328C(i, #iR 

«v s y -> a h © r ;i/ =r u xi±m&fr&/vtmm®ti& 
s^fe^t'j xT?»*uf 

B§^J=g328E{i, 09*.fcfqft#7 , ;l/:iU XA£ffi*jAA,f£ 
81 SUBS $ Ht^MilWffl /n-t7ft«Sn5 0 
C CTBg^T^dT U XAi: LT«U 0IRfc?D E S ^ h U 
7*;l/DE SftiftfWC^So ^SE?Sl^m328F{i > 

[0 0 9 7] $/2, j^»$tSt¥l8333{i, El 8 {CjjVf 

3A £ , / n <y is a. i$ffi h £fi= ft 3 2 CD jg^'- Z>\ V is 

¥©333B t > <5#K3l i: ^W-; ^©32 £ 

^WaotBft i: UT^fO-9--^«iffi||%Eta-r S® 2 <D 
■9—/ <#iI»IE«¥K333C t , KiillTj ^©Bg#MS* 
It ft 9 2B 2 ©«iffl«^SBS^¥©333D i:> x-* 

mftn* s f-- * ^«#©333E i: , wu^mm^m^ 

K* JrbK^ffi-r S J£«#K333G i: JUI L T t^S 0 

[0 0 9 8] £©g£»»!t^fS333A^ 
&vm& SM„ m 2 OS^f- V is a ¥®333B, 
% 2 ©"9--/^8nMEtt^&333CRtf IB 2 ©ttiiilTljS 
Bf^¥IS333D(i, ^^1^07^*5^^3280, 328D, 32 
8E i: [HlC <fc 3 tC*ffif£2 nS„ x-^y>^l§333E«, fi»J 

*««W!0»-e«iia*nso sgtf#»gij?Ba^¥S333F 

¥S333Cti, J:btS!IalKOffi-&-&fi:«fc 
Ulltfcm^ fcSWi^cDnvtf a. — iff u 7*7 A 

[0 0 9 9] W±0<td{C«fiR$nfcSliE?^*n¥©32 
8S.tftSfiE^^aiE¥l5333cD|il]^tCOV^TlKB^-r§o KSE 
: ?Wp¥S328T«, $?\ g§3sBU?fBtt¥|g328Aa>5 
t*- 2 aBB#S328BfcBliE-9— ^ f§ 

iT#iisij?328at Lt«f&*nn>5. x-^ans^s 

328B&, m 2 ©5MS##S321 «fc D W%Ih1SSc3202& 
^•9"-/ WJ73203 1 > ISIiEF.S -a¥IS326 J; D fifc^iS 



/ n -y v- a {132 lOt, fgtItf-B#3Ma322 «t D f# fc ^ A X 
*>7°3211i:, v^^-y m9JT*l«#gt327«t»)»fef- 

^•yF iisij?32i2 1 s ei«sij^aa«^©328A«fc o if fcfg 

ff#ISSiJ?328a fc ^^i6 6 nfc/E#TM^T3i*g x 

- ^ g|3328b i: L Til^T 2 '- * / n >y ^> a. #©328C&tfKSE 
?jS*S^ia328FfCjMSo 

[0 10 0] ^7 :? -^>'N«y^jL#m328C«, x-^g(5 
328btc2tr -5/ %>y 2/ ffiM h ^ff ^ -3 T, ^g^O/ % >y 

Bg^#a328E«, ■9-->S£3I8iE«¥i9328Dfr P.^-^ 
«aai328d%f#T, cn*BS#g|fcfflV^T/N-y>'3Lffi32 
8c^rBf^-fbtT, y< >y-b-^ffin- K328et LTISSE 
^3l^©328F(C^5o &SE?ii*S^i8328FH\ x-^ 
g|5328b{C^<yfe— ^SiEn— F328e^rjl^bT, SSffi^ 1 

f"j hf ; -^32i3^m7 L j-rs 0 

[0 10 1] ISIiE^iiE^ia333T:ii, £U\ If, 

^ <yfe— v^fflEn- K333at-r'-^g|5333btfC^^ 
?n, ^•ytr-^ffi3-H333a«J:b|fe¥l9:333G{^ x 

- $ mMbltm 2 OJl^x- 2 'Wis a. ¥-&333tJ&ZfT 

- ^ »«i#©333Ete ^n^'niM 6 n s 0 S2onsf- 

^/n >y 5> i ¥I8333B^ x— ^ 8P333b(C^-T 5A'r>a 
\m h %fT* o T, USUI© / n -y ^> a ffl333c^m 2 0«ffl 
Sl73^BS^#|3333D(C^So S6 2 0«iBMKfSl«^a 
333D«, m2<D-9— /^ttjiSiIB1i¥IS333CA^-9— ^« 
M8l333d^WT, cn^Bg^^tc/IJ^T/N-y is j.ffi333c 
^Bg^jtLT, i;b«fflP< •y-tr-v'KEn- K333et LT 
J:b"K¥©333G{cMSo X-^?}-|i56¥©333Ea, x-^SP 
333b% ^-fi^X^y 7°3302 1 "9"-/ ^glj?3303 1 =f- f V 
Y i!iBiJ?3305 £&m^ y is a ffi3306 i: ^01^3307 52 

nmmwm308t K»(tbTa^r« fcfcfeic, 

ISBiJ?3308tCO^T{±fgf7#^iJ^M^|S333FfCtiM 
So %R#liB'J^^#S333F{i, afr#|RgiJ?3308A^ 
^320i«yiJ?^ if 3 fr£R8£-U fi8-&*5*333f 
^J:bf5#IS333GtCjMSo Jt«¥S333G«, M^SS333f 
y< •yb-> ? ^liE3- K333atJt^ffl^ 
•y -fe-i^lgtiEn- F333e i: «<— SrT « & fc £: f c^ffiitS 
S3304^my3-T So WIS«3304^"ie D ft LfcjjVT© 

i/^-rnt-sstL/cW-^T-feSo 
[0102] ^{c, m5com4<DmiM&m<Dmm'>x'r 

l!!II?Mi!jn^©328R0 : ISII?^fI^IS333Oli^Rt;») 
ft^COV^T, 0 9&tf01 0%#BgLT^-TSo ^9 
fCfel^T0 7 fcSftSOfi, -9— /WSIifB«¥l9:328D 

i #o^M»73^Hg^iKg5a*iati-r s g mrnmsM^ 
S328cst;^pjii^oBg^a%ff ft 3 ^r^n^Bg 
##®328H*aa^ ^ jsjc s o g mmmmm^m328c t 
328Hi: LT«\ m%.l£^T)l>3V Xl**Mfrj&A,rm

[0 10 3] gcTc, Hi 0fc£5t^TH8 £gft5CQ&, 
SI 2 ©tJ--^#iI8fE«¥®333C, gl 2 ©^iltfcfraSBg 
9#l3333DKtr»fT#W8iJ?iR^#gl333FOf«ti t) tc, 

»S«¥S333HfcJ\ SSEU-v ^K32©*& 5 "f 

-'Vj>fflmmm^m33i{£ lthu m*.** mesa* 

&0B«#5Sa»#8l333J4:LTtt, fid*tf»^7^JU 
X A£r*I^}A A/fciHSlHl!S* ft tiBi#MS*ffl 7°n -tr -y 

M«73 ^«^#S328H{Cfet t § m^Tfrd U XA tCttjSfc 

[0 10 4] W±OJ:3fC«figSn/-cSIE^ftP#S32 
8SO : ISE^ 1 !I#®333cDi!jf / Ftcot^T^B^-ri.o &KE 
?tt*n#S328t?«:, g»giJ?Kt8^S328A, x-^jl 
*,'i¥IS328B, jililS-r- X / a y ~> a ¥IS328C»ffijft « El 7 
£ |rH$T*& t> , X 8|5328btf KSE? *JS¥&32 
8Ffc, /\y^a|S328c^BUtt^«S^^©328Hte, ^ 

n^n«*&£ns 0 &Mmftj*$B^m328m±. mm 
itffita¥ia328G^ 6 aa5«B«328f %»t> c n^Hs^at 

tC ffl V * T / n 7 5/ a {i328c£r Bg^f t LT> -r 5> * 32 

8gi: LT!HK : ?ai!IS#S328Ftei£3o af.;ffi?3i^i¥IS32 
8Ft±, t*— *SI5328bfC7*^£;l/S£328g;&3i)|gl,T, IS 
HiE^X-y hT ; -^3213^m^t-§o 

[0 10 5] g:fc, ISIiE^IiE¥S333T-«, ig 
W&-fryh -7- X 3301 *^|I?5ri8t^©333A(c A7J f£ 
ft, xv'^vl'^asagi:^— ^g|5333bi:lC7jSi^n, -r 
5> * ;bS«333g« 4>BH»7? S*#^S333J fc , =r- ? 
333b«il 2 (DW&T*- Ztsvi/a. ¥K333B& tf -r- X # 
K¥ia333Efi:^n^ f nS55tl5 0 Sg 2 ©jglS-r-^vy 

3. 3MS333B«, 7 s - X g|3333bfC^-T -7 ->3. j&W h 
*ft ft o t\ vy '>ifi!333h*JtlSE^S333GfC33S 

§0 ■r-*#Ji#a333Ett, ^'-X^SSb^X^AXX 
> X3302 h*y—t ^WftV? 3303 §igij?3305 i: ^ 

n 7 ~> a ffi3306 4: #'?i)15]ife3307 1 fgfif 3308 



*«¥S333H{i, 8ff#MBiJ?3308#B£fc]©g|iE , 9--^ 

31 (^/-ctt^or-9— ^32) ©IKBiJ?*^ 5 

L> fig^i|g«333i%Jt«^©333G{caSi:i:€>fc, «ff 

#IKSU?3308fc^-r§1r-/^^ii333j;&^BBil73S 

«WI5333J{CjMS 0 

[0 10 6] &BB«735£8«^K:333j{i, -9— 
333j ^«^»(Cfflt>T7 f ^^;l'*«333g«r«^kLT > 
it«ffl^'y >-ifl333ki: LTJt«#©333G(CjMSo it« 
¥S333G{4, BS^ilSS333i^— a*^-T*\ /vy->iffi 
333h i: tbKffl/N -y 1/ n. fi333k t: gfT %>fr%&blc& 
IISS3304^m/ L l'r 5c ^SE^*3304*^t»^ L^/TxT 

[0 10 7] COi^tc, ^fflEv-X-rA^C:©^^ 

omfozmz ztic*.*), ^7^7>h fiij^itwsaiMi 
[0108] cms (D'Mmmm) m 5 (ommmmx- 

[0 1 0 9] 01 1 ItftStD^MBf&lClStfZmUi/X 

So 01 1 fCfc^TEM a— *fV>^7 
x-X5rJ#o ^7-Y7>f #1841 i: n.— tf^SE^ff ^ 7 
KK-9— ^¥|g42i:T'3&oT> /^I533{±^fe 
Ic/c:, KmE^-V U>^JS^Response40lA^ 
-f'f>'^7i-X^LTA7J?nft/U7- FPW 
i:SLii(R 0 i:£DJglS(c^LT 1 gOA-yJ/aSBH*!! 

l fciss i: ^ v << r y h #S4 i mmmn l ft mm 
mnMLs o bcommmwmmm^k r @J (i^ffl^ 

402, 403#£&&7/vy v-j-MS^S^ISfiEfflgL^S 0 

> v ; JS« ; Response404^ i: t ft 5 m -y 3" ^ 

HfflgL^ S 0 KM? n - k m<D/\ -y ~> a ffiW-V& § 

[0 110] K±«i7*7'D h3;l/i/-v->X(cJ; 

<7-7-rZ>h^©4Hi/^X7-FPW^ISnI9--^ 
¥©33*^4&rc^=#fCW^-r C fcft < , n @$T'ISIiE 
^^■y h402^ffifflLT^iJffllgnJ^»§Ci:^-et, IS 
liE^^-y h402*V^X7— FPWtiI«€)rt§T'$5 

[0 111] COi^i/D h3;^-^>x£J#Ofg 
U^XxA(D«fiSctCOV^T|2I 1 2COii7n-y^0^# 

BgLft^^si^-rsc 

[0 1 1 2] Hi 2fct5V>TfeH5i:Sft5<D«, 3.— 
If-Y > £ 7 x - x Jtft-o 7 7 -Y 7 y h ¥©4 1 & X}=L-^f 
ISiE^fTft 7 ISIiE-7--/^IS42-efeo T, ISnJ-9— ^¥ 
#®326©ftfr 0C> Ay-> a ilH £ff & 3 ^ 2 CD/ n

m 2 ©flfffiwiftaa¥S422, ^5hftgaoA7 

a iS« H £tf 4 5 S 2 <D£g/N -y zy a #IS423^iglt, 
-»©tt«*a»fcjiltlc & 3 c IMEfflSLI8M¥!£41 1 

2, 422tLTi±, tfmmm®mmm-c?zz>o mz<D 

/vy->a#IS421i:LTti, W*{£Vvy i/ajfiff HOT 
;l/=f 0 XA^W^jA/urc^gClnJSS^MnT- $ § 0 m 2 cd 
£a/vy $/ a #S423i: LTB, M^^421 fc|3|«©iaj| 
|n|J»K m**7 -f - F/^ »y ^ "T * *S«Sl ■"f'SSt* * ^ y h 

mux d sis t Mfr-gfr^ rzffimc j: o l t t &v \, 

[0 1 13] lXt<D£5l,cm&ZtircVm.i/7>7-I*<DW} 

SgffigjRAuthenticate Request301 tfMM.?-fr V V^tf) 

[0 114] h^®41&t/S2KE^-^ 
#©42fcfc^T, jKIs iS2c051Sfa^lS31U 321, A 

7^^©3i2, huwmm.3u. 9mmiRmmi5, 

m 6 com^t \s]m-(:-$>K>, EStES^Authenticate Request301&O : ^|iE^-vU>> >, Challenge302^X«^nT,

■f r y h #S4ifc*iv^T«3.— tfSttEiaafii&as] 

4l0l*fe{±IUfflKnI¥JilieS&ii»J3l04jbV ^!BE^-^¥ 

®42tc *s v > t i± mmm2o\ t v—/ m^\^2^> t x 

7- F3204i:^^il5gj4202i:^ j f U>^a»3206i: 
IBA^¥S312, BW8SL»£JS#I841i;fttf3§ 1 ©SMfe 

W3eaa¥a4i2fc5^p,ns^, wa&iHi»42oia<gr 2 <d 

n >y a ^5423&tf |gtI?tt&P^S328t;: 5 tl5 
^^*iiftl4202*^2(D^>y:>3L#S421> SLtfc 
*JS¥©324Rtf^-y'y M»BiJ?^fiK¥IS327tcage.n« 

[0 115] ^tc, P^'CTy h^®4HC*3^T, Kill 



ffla»£j8^a4i i rL-^iMiie»ja^4ioi # 
# a 5 n § t , igsE js*SE w ^ ffl v ^ n « ksm a»4 1 

02^rifffctC7>^A^oiSffi«{C^LT^ 1 ©jftffiW 
8ftaft#®412&tf«ffifBtt¥®316{i:SIS (ST 4 1 0 

1 ) o mmmm&3im, Mumn,m4io2*mmmc 

§"T§ (S T 4 1 0 2) o m 1 cD^fti2«J^IIfO¥K412 
P.-+f|^IiE5ttJIIHift3l»]4101^x.P.nS fc, /vy 
-> a ¥®313«t <0 ntc^y a ffl4103 i: s&tIfflSli&4102 

LTfSnftiaAy ^^{14104^ l ©263WI#gt31 

L^>v : jS ; S : Response401 1 
— ^^l542fCjM^ (ST4103, ST4 1 04) „ 
[0 116] cmiCfcfLT^SE^— M¥©42fCfet/^T 
ISliE^^ U->>>"jS ! S : Response40Hi:^ 2 ©SSff ¥ 

©32 1 T-gfi * n> n *y * ffl4204*^w s nrm 

2CD^fflWH«P#iS422fC3Men§ (S T 4 2 0 

2) o — ?5rT?®2 0/N«y">jL#S421{4, ^^SSffl^P4 
202*^0 ^-r^tC /U7- F3204t^-V 
SLi(3206 1 deKWlA7 -> a. ifclf H %fT^ oT, |g 
fgO/N >y a ffi4203^:®' 2 <D Jftffi Wi&JI? P#|g422{C« 
*&LTV^5 (S T 4 2 0 1 ) . ^ 2 O^ffiWIiafn^S 
422«, Sg2^N-y^a.¥©421<t D#/c/N>y->a.{a4203 

i:J!£L/vy ->^ll4204i:OHt ! e-y hacD^fflWi^HfP 

2<D&&L'^yiS3.^m23lcm% (ST 4 2 0 3) = W, 
2 <D&m>\y ->a#S423{i, SS;ffifflSLSS(4205tC« LW 
a&@»4201 ffl S \ y S/a. H t s ,T, H 
JgcD^IS' >7'>a ffi4206*^l|iE?#in¥e328fcS« 
(ST4 204) o 

[oi 17] ot, ^^-y hmm^^m27, mm 

ft^f#©322, ISIiEW*P^S328CDll]ft«0 4, El 5 <D 

^g*3209©ftfc> <3 tC^^g*il*P4202^fflV^^, IS 
aE?#iP¥©328*^S!lliI»3202&tf^S/ ffi321 
OcD-f-tfe D tC#»fjlHli$:420 1 Rlf^y-vy ~> affl4206^ffl 
^S^WiD, ISU^^-y hx-^32l3i:{iS*«rt 
^©SaE^-^>y hT ? -^4207A^#P.n (S T 4 2 0 

5) , m2<Dm&m^m32iitftLzmm?->rv Ticket402t LT^7^7> h¥S41{caSe.n5o
[0 1 18] cntcWLT^^^ryh^^Hc^oV^T 
tt, h9ESi©3HSM^®311> Maa^y-y HSRf^S3 

14A-50 5, H6o«-&i:iBi«{cDj#u mmm^nm 

«jffi*P3104^^?>nfc^-a-tC, ISMf-y>y HTicket40 
3A^|gnIS*Authorize Requests t tlClft- 
33{Ci^e.n> *r2&0»3112# £S/vy ^a#S317^« 
In tl%> 0 

[0 1 19] enfeoff ^¥IS33©«)ftt»EI 

5, 06<Di§-a-fcP3«T-&t)> ISoJf'-V Uy^Challenge306^jM$n^o

[0 12 0] CtllcttLrt^JT^h^&AUCtS^T 
«, itufBSfU ©aSS©#S311, £-©/N>y~>a#©317tf 

IBtt#iS3 16«fc OffS© t i iSSIffl SLf5<4 1 05 T? & 0 (ST 
4 10 5), cntCttLT&Iiasff&frftSc f ^tP 

% , -y > a ¥S3 1 7*^s& ia»3 1 1 2 1 mm mm 1 1 

5 1 OfCfl a f S »/v «y a MS H **t& o T 

(S T 4 1 0 6) , $£Jil©^f3/vy i/affl4106£rlg 1 © 
S^t¥l231 1 LTlnfft U> >>'JS^ ; Response404 
t LTKW— ^#gS33fc}£3 (S T 4 1 0 7) . 
[0 12 1] CtUCcfcD^r-tf— /^IS33^t#S^pJ^ 
S>'jSS : Response404# ? i: & & 5 ^£8' \-y>a ffi, 
fSSE^-y Ticket403^t t&^SAy ->Mlte,
0 5,06 Oil t v ~> a ttMltfmte 

ntcw-r /^¥S:33oi&f^fe0 5 , a 6 ©*& 

£ InJttT «fc < , 2 n >y ~> a - x >y * 

LT, IEl!5£tg&ft{f^a&Result308jb*M£n> ^ 

D , ^7-Y7> h #©4 l(i/U7-KP / * 

KPWi »±^H8#-eS±140«fc 0 V h 402 

[0122] u±.(omm-r:it^ : y^TyY^mi 

t C *3 V > T f U ffl ( IS Rl^M© (C a -y > a ffl & f 

ttsMhiTfes^o ^©t§i=r, ««aa*8#S3i6 

[0 12 3] C©£5fC, IgiEv'T.f-A^CO^SS^ffi 
ci:tcJ;D, ffll W-UMSBI 

*3%ti%>m&mmtf3.-*fmmffim t mmmc & « & 
[0124] (S6 (Dmmmm) m 6 ©hss^«i©is 

[0 12 5] 014tt CWlPIv-X-r A©7°n h 
^7r<ffu hnAiz-iryxltSSo 01 4fc*5<^T 

0 4i:s^§©«, h^issi&o-tsnj-y-- ^ 

#S53T*&oT, |g|I+f-A¥l§32«^t) 0 £ 

/c, kbi-9— M533b>e.^v-rr>h¥m5Kc, icjia 

Result308^fcfetcMffStl/'c|l!|iE^^--y Ticket501#



[0126] C(DmM.^^ry Ticket501«,
■y h305&Cit^T, ^O^^ffilLTt^o 

[0 12 7] IWJiE^-y h305T'©n + 

~> a iHJf n - k + 1 >y 5/ a ftJtt£& ( k « 

mm®®.) tl*«*6tlT^«. ISIiE9 L '7--y h305T- 

nmnmm n a o f us nr^iu» n - k ^b^*. 5 

[0 12 8] C©73&t;:J;9, I'yJTy h^5Ui, 
/U7- FPW*BrT9— ^#K53^r^i6rc^H#fc^ 
^-Ttli:^:<, ntHSTl^aE^-^'y h304^M*ff^tlfc 
ISiiE^y-y h501^fgffl LTffJfflgRT*#S C t^T'f 

s. £fc iff ho^^Lx^y^saiiis 

[0 12 9] c©J;3^7 0 n h3;l/->-^-yx^WoaS 

[0 1 3 0] m 1 5fCfcV^T, 05 tS^4©«, 

h^asi&t/iBw- ^¥S53t?fe 0 . mm-- 

*5t>T0 5©^-5^r>h¥IS31hS75:?.©t±, ^>y 
h«##IS511*^oI-9--/^S53A^©^!»E^-^<y Ticket501 ©If Jl^-y -y h t 2 - # 5 1 01 1 ffiRT' 1 4 * ^ lc
Lfc^fC$.i>o */c, Ifnl^-^¥S53{C*51>T0 5© 
aM^-^¥IS33tH^4©«, hfiJfflSgi^m 
531*^ 0 f Offl nJtiSl^ fe m7JT§ © i: U S 3 © 
^® ^ n -y ^ ^ ¥©336©f^tJ 0 1 IS©^ n >y >- a SBS H 
*fT*5m3 0/N«y^i^®532*iatt, IfK^^-y h 
m*ff SlfW^^LTf^Pt-^S 2 ©iBEWJp^ 
IS533^*TfcfC^tt, -g[5©,^^2^i6fc^tcfe?> 0 
[0 13 1] £<D?-tr>y bUft^m5UtLTlZ, 
•y hfi^S314fcR«0««««««*iiJPLT«fflT 
f5« ^y>y h?iJfflSiI¥IS531i:LTti, ^>y hfij 

fflgii^S335 1 mm<Dffif&tf$tiM%mi}QLTmmr*2 

So ^3©^N'y^a¥®532h LTti, ^ij «V s <y i/ n 

4o S2©SSE?^*P#S533fcLT«, ISII?f^n¥ 
®328tWI«©«fiR*^ffl-et5 0 **J, ±IB##S% 
[0132] &L±<D£ : ?lcmiil-£tirzmmisXy L 2±<DW}
tSIiESsRAuthenticate Request301^fSSiE^^r <y KW$J 
[0 13 3] S-T, ^^7>h#jg5i;&t/f8IiE-9--A 

«t D^v-fT>'h#S51'NSfflE^^ Micket304*^ 

[0 13 4] 7> h^lS5HCfeV^T 

M\ Hi ©a§S{I^©31H±0 5, 0 6©«-&i:R«fC 
ftfFU &r>y h&«f¥&51Ui05, 06©JS^-O^ 
7-y h«l^a314i:ra«fc:iftffU EME^ - y hTicke 
t305*mSnIS*Authorize Request i: i: t KKW— /<5 

8&HHR31 1 2 tfsXffl * froggy n y i/ a ¥133 1 7fcj£ 6 n 

•So 

[0 13 5] C*UC*f /^I553tc^31/->T 
Hi 3 OiMSm#S331, SBIltB#¥©332, KSE^Ift 
SE#l8333;K:tf >y h- ^T^J^©334« 05, g6© 
*^fcra«»cl&ft?U *-ir«y h HSiJ?3305 i: -y -> 

a fjft'3306 i: it$t&M»3307 1 #3BJJ"J?3308 >f^-yh 

^sjasmioi^f-^y vmmmm^2>\K\m^ 

f-^-y h*JfflWl#a335i:«lJPI«{cft^LT» 

Q8C530l£$ 3 (Dm^m^m33\^Lz%m^^ u> 

v-Xhal 1 enge306 1 L T * =7 4 T Z/ Y ¥S5HC 0 , £K 
> n >y a fu'13306^: * <0 $ $ \ V is a ft&'5302 1 L T$ 
HJBg-a-¥fS337{ciM5*\ S 6 K ^ «y h f»J? 4:St) 
^Jfflmfiglt!lii(i:^-/^i5!i)JiJ : ?Offl5303^ttiyi LT3fl 2 co 
|g|E?#AP#m533fCjM§o 

[0 1 3 6] £ft!,Ctt-?Z>?9'l'T>h^&51(Dmi / ¥$> 
0 5, 06OiI^i;[R]aT-SD, ^rT^ P^Challenge306^*t LTilgnT^ U> ^j^Response307#iig2

tlSo 

[0 13 7] cn&cttLT^W-A3M853fc:*5^T 
^pJ^-V b > SyjS^ResponseSO?^ 3 <D^Sfi¥ 
®3311?gffi<= *U £K/vy ->ifig5304jb^m<*ftTS 
3 ©/vy ^a^g532R^ 2 ©Mffi?#An#S533tCjM 
P>n-5o §g3<7VvyS'a¥]l8532&, -y a ffl 530 

4fC/vy ^aSISH^T&oT, ^'r>iOSS^ 1 tg 
* fc-4K§,W n -y -> a. ffi5305*igPrfig£-3^8337{C&3 

(S T 5 3 0 1 ) 0 ffipTB8^-#a337«, ^y>a 
ffi5302 1 ~^»®.f \ »y -> a {15305 1/ > 

(ST5302, ST3316), fig#l|g*5307*^ 2 

[oi3 8] %mtm^-m22i < i.m^mmmmLxts 

^f*ta#S533fc{ltt& LT^So SI 2 ©tgSB^ttiP^ ©5 



=?■ <Dffi5303i: N>y ~> a fi5304 i: ^ AX £ > 75306 

i: Snii7—/^53 i Mz^-rwn^mm? t %mm l, c 

ntc>t L TISE? ^r^fiSc L Tf^P L -y h -r- 
^5308i:L (ST 5 3 0 3) , ^ 3 0^{f¥S331* 
/TLTlStiE^^-y HTicket501 i: LTE^pja*PResult308 
i:i:t(c^^^T>h¥©5l{ciM§ (ST 5 3 0 4) „ 
[0 13 9] cmcWLT^7^7y h#IS5HC*3^T 
{±, KiaE^^-y Ticket50HiH l 4)£BHl¥S311-?$
fl^ti, ^SE^«y h-r'-^5101i:LTtffl2^7-y hffi 

if¥©5incjMe.n«#$nT (stsiok s t s 
io2), im<DmmwR^mr:°®.mzti2><> 

[0 14 0] CtllCk <0 ^7^7> h#l§51;fr>P>8gHj"+f 
-/^©53{CjMP,nS^!iE7 t y>y h305*^i:fc«:5^a 

fT<<DT', SRr-9--/^©53T{i/N«y>aSI»« 1 ®<D 

So C077i*ti:j;f3, y7^7y h^©3Hi/^X7- F 
P W%ffiRl-9— /S¥a53*^«>fcM!=#fc:HI3fr-r c t * 
<, S^tt«J;i3ffiV^|iE9 1 '7--y h305^fflLTnN 
^T'J; 0 5®!/ ^JS»^fIBI Ufflig RT^rlf « C t ft Tf # 5 „ 
[0 14 1] &*>\ W±©aji^T't±^^-rryh¥l551 

v r fijffls rI¥)So tffc ^ia/ n >y s/ a fi^tt»-r 

0#Sa7 '>affi**H9lt* t T«lffiiat8#S316fC|B 
tt1"S«fiSct LTfeIl\ ^O^, ttttaBtt¥@t316 

[0 1 4 2] CCD «£ 3 tc, ^Sfi^^rSWgSEv-XxA 

[0143] (as 7 commcomm) m i co^mmm<Dm 

[0 1 4 4] HI 7 8, clOlSIEiXXT-AOT'n hn;I/ 

Ba¥S64*aiiPLTV>«o *fc, ISKE^-vU^^iS^ 
Response303^S^rc|g|iE^-/^S62A^|IS*Authenticate Request301*>e>^tB Isfc^'rv hiig'J^TID
fctf— /TOBU^S I Di:*fjaiH«ni:*i:feaofcKiE 
^-^^y h»fTa»ffi^egistration601*KSE^^y h 
Ka#S64'\25SjS, I^oJg^Authorize Request602^ 
mm^k%t$>%:5^ SRTS^Authorize Request6 
QZ&Zftmtty hTicket305«rS»fcRRr-9--/^®6 



(21) 



特開2000-222360



3/^i5Jg5)<Authorize Request602&O-'fgiiE^-!r y h305 

*^ML/cf^7 hwbkpt i Dtv—^mi&s i 

^Update603£irSE^'y hBi!^S64^\3M5^, Ctl 
tCttLT^gtc^tXTfgliE^'y HB*&iI»]Reject606 
t> v M-Zft%>&, WM^\ l/>J>'Challenge60WfiJffl[Hli( 

& 3 ^ ISW -Y Is y ^jS^Response605AV <!X V ~ K
PWi: SLiSt R 0 i: co^tcW Ltn-k+l SO/ n y is 

a. mm h *m x^r^mc £ e, tc r k k ©gf as wi&aa* 
[o 1 4 5] cojjmc&t), ^^-fyyh^-mm, 

^1-(lfc*<, nHJ$T«^^ h304%f£fflLT*U 
fflffiHj£f#3CktfT , #, fOTHMk^^/'y h¥ 

V hea¥S64T^-i«y^f «^c4&, ISHE^y>y h304 

[0 14 6] £©7°D hn;l^— ^yx^OlSv'X 

1 8tCi5^Ti>l]5 kJ1&S£D«, ^7-T7'>h¥S6 
l> KSE-9— /<¥&B2. /<#S63-e*o 
T, £&fc:i8JE*"5ry Mfii^©64^3lltraUTV^o £ 
fc\ ^7^7> h¥l561(C^3^T05(D^^'l'7 r >'h# 
®3lfcW4*©»4, EMB^-y h ^fSflf-T Shi: fete 

©^ijffl ishk k *wu-r §f7-7h fsft if a¥S6i i * ^ 

hfiNS#a314©ffcb»>fca&W\ t£>y htt©J#flSW 

naftiSiMtf?* 5 1& i ©Wffie^ssafq¥ia6i2^K 

©62(C ^ T 0 5 / ^S32 k g% % <D It « IS 

[0 1 4 7] $fc, E?J^-/^©63fC*5l^T0 5<Ql3 
pj-y--/^l333kg&§cQ«\ MM^^ry h©f^7 h 

«*&-T 5 k k fcESE?-^ v h SMMfT^-r- * 

®335©^fe t> tc s*w\ ^jffltsnJ5aa«tcSL^%*^-r 

Sgl 2 ©SL&£fiJt#©632, tT>y hSOfifflfiWHaftifi 
5 2 £DPfflS^f^afq^®633^K^, -apo 

[0 14 8] CO^ry HS&gJ!¥®611kLT«, 

ffie^^ain¥i§6i2, 633 k L-n±, m^mmmm^ 

fflT-^So 5^-y h^ilJ!t^3M£621kLT«, fl^Rtf 
BraaiHlSSTbTOT-^So +>Ty h»»TffiS¥©631 k L 

©6324: LTli, a»4fi!c¥a324fc|Rl«©«fi8*^ffl-e 



t5„ ISttB^-y h«S¥I8:64k LT»i, ^SiM-TV 
* 7 x-XSi k x- * £>yj-»J*£i^T& 5 ItaiHlSS k 

t'Jr/WXtCffl^KiDMttS. ft*, ±15 

</\ 

[0 14 9] J^±<D,J:5fC«|^$nfeffiaE'>Xf-AO» 
SSiESdiAuthenticate Request301^ISiEf-^ <y 

[0150] $-r, n— ymm^micmfzz^^Ty 

*) ^^^Ty b^mfil^m^.^ y Mlcket304^?. 

riSo ft/cu ^^-rr^ h^fiS6ife*3i/^T(i, Lot 
^o^-^r-y Y$m^mu<DMft*?-'ry vuttmm 

S611^ff*3o /^#IS62{ct5V^T{i, IS 

ffiS3j<Authenticate Request301*^iRttJ^nfc*^fH|
»6201 tt n -y -> a ¥S325SD i ISIiE^ #ftn#S328© 
iSA^^r-y hSgJB^#®621fcfcaSS5n, ^-/^aKBiJ 
^6202«ISKE : ?#An¥IS328Oi5A^'y- >y hgiSlg^# 
S621fCfe^5n, ^^r-y M»BlJ?^fi8¥®3277?^«* 
tltt* y h WglJ?6203{±SIE?#<lP^S328<OB*^ 
-!r-y hSS^¥©621{ct)M^nSo 

[0 15 1] ^^r-y hSSJi^^S621fi, ^^-y 
BU? 6203 1 *T-> ^glj^6202 1 WS&@»6201 k ^iSIS L 
TKB^-5ry h^f^ii^f : '-^6204^Jjicb 1 ^2 
0^m*@321^bT^!SE^^<y h^T©ii^Registration601i: LTlSU^'y hga¥IS64fC^S (S

t 6 2 o i ) o ctiz&ifrcmm^'ry hmmmui 
rtry huxh^eatTfcD, isiiE^^-y bmmu 

^Registration60lA' i ^-x.^n^Jg-a-ti:, ^y>y hli 

su? i: *?ii@S5! k a o ? Uffl mm®.*^? m 1 1 row 
sftiHiao«a%^^y h u x htcjiiDLga'itt-So 

[0 15 2] LntWLT^^Zy h^lS6HC«5V>T 
t±, ISSIf-y-'y hTicket304«m 1 OSSff^lS311TS 
fS^n, KSE^-y y h7 J -#3110#&ffi£ftT7 t 'y--y h 

fs^sa^seiHcssnSo hfs^ga^isen 

a ISSE^ ^ -y h 7 s "- * 3 1 1 0% -9— / <lttgij?3 1 0 1 k WlS^ 
%SO^JfflnIti[H]mkLT|^B#fcSaL (S T 6 1 0 

i) , fijfflKRr¥«e»a»]6ioitf#*6.ftfc«^fc:, 

ilfE^^-y hf- ^3111^ 1 <D3M§<b#©311^^L 
TlfJiE^^-y Ticket305kLT, $fc, SD^JfflnJ^
%tfrtt\<tt\z&K>'mzmmmm\02* (st6 i o

2) m 1 ©3MS:fS^©311?r)>LT|SnIS5)<Authorize R 
equest602i:LT, IgRlU— /^©63(C}M 0 (ST6 1 

0 3) , ZZlc ^!SE^-y \-7—2frz>mi>rcM$b 
m R3 1 1 2 % -y f a ¥IS3 1 7 m Z> o 

[0 15 3] CtUCttLXMalV-- /^gg63{C:fcV>T 
ti, ISSE^'y Ticket305&t>lSnJS5f<Authorize Request602«^ 3 ©iMSfi^SSlT-gfi^ft, tSIIf-^ >y

h -r- * 3301 £ nT^Sffl$SHMS333{C3M 5 

tu fuffl 0^6301 «ffl?nt^7 hMiTffi7S#ia63 

lfCj&SftS (S T 6 3 0 1 ) o E§BlftB$#S332, fSIE 
^^fiE^iasSSR^^y v h W?AWS^®334t±Hl 5 . 121 

^S63HCfc3M5>ft, W?ijil»16303 ti^^r'y hHffJI/S 
^miRZf m 2 toa»*J«^l9:632{j: at s ns o ^ v 

hi!ifffl3*¥ia63Hi, Yj%iffi*P6303^%-X. 
f-'T <y h HiBiJ^3305 / ^gij?6302 i: fijffl E1&6301 
t ^iffi^i L T&SE^ y h SMISfJIif- *6304££ 
)SU m3c03MSff#S331^/rLTESaE^^>y h®JS 
iE»rffi^Update603fc LT^SE^'y M?S#l364fCjM 
£> (ST 6 3 0 2) ?Ufflls]iSc6301%^cDSS 
flJji]|n|£S«>306i: LT3S 3 O^gMy ^>a¥l§336^ 

*B7nUpdate603*"lxe»nfcJi^-{C, ^r-y MRgiJ?*

7-7F JlffiS#T^Update603# t fc * 3 fijffl [H$ i: <D 
^f-fc-BtTS Ct?:fx7yLT, IE Utfttff-^ >y 

h y x hff oaowfflnr^iiia*^-rii* 1 wu, iel 

< i&ttftff&iSE^'y hffiii&jffi3iPReject6063:i£Dig 
To iSII^-y hffi*ea»]606ttffinI-9---' < C¥S63lc*5 
t^T, a&'3 0^§fg¥IS331^5>LTaf!aiE^^ y hJB«S 
iI^'-£6305^ LTMSB^'y hS«f»^#S63»c 
iM5»n^o f-y-y hig*fJfijS¥®631{4, ^©/vyfa 
fB3306^^OS$^S^-y f affi3312£ LTffinTI5a-&# 
S337fCiMS tf, lEf^r >y h jgl&Ifcnx- 2 6305*^ 
*5ftSi:Cft&«JjI:T3 0 gf 2 ©SUR£/a#g632 

(4, #^aft)6303*^^e,n5i;> f-?itfflof+ 
is y vimmsmmc ic^y^i^ic^Lrmz <D$m 

t£l\LTtm=?-^\sy fChallenge604 tX^XVUTV
h¥S6HCjM§ (S T 6 3 0 3) 0 
[0 15 4] CfLlcttLZ-t^^Tyh^micld^T 
ti, im^V U>f Challenge604{±fg 1 ©jMg{t¥l.§31 

n?«M*n, ^-v \syi?$Lmi03i)WtiAznrm 1 © 

»«lWIMia#a612t3S6tl* (S T 6 1 0 4) o £ 

isy-vy ->a#®3i7tt, ?uffligRr¥iiijeaiji*P6ioi*^ 



affi3113^t#T, /W> 3.m3U3lZ%$]m%(.3U2t.fflm 
0^6102 t ©MfCffiST n V */ a iH^H *ff& 
ot, ISS^^'vyf affi6104£, 3? 1 ©SfffiMffnS 
ffi^®612fcSS5 0 m 1 ©PfflWI#iIfO^I§612«, fljffl 

ssRr#jne»ja*p6ioi*^^ £ftTi/^J§£-fc, 

■y->af!6104i:^-^ b>i>'SL^6103i:Ora-etr-y htt© 

mwmmmn^m^^ mA^w^v 5/afii6io5% 

^fiicb, ® 1 ©jM§{f^S311^LT|SnT^ 
Jt5§FResponse605t LTPTt- ^¥IS63tCiM§ (S T 
6 105, ST6 10 6)„ A 7 i/aS|tHA s M^ 

0, (KD*SL^S/N>y~>affi6105{i>'^X , 7- KPW, SL 

SiltmS^ft^ C CDMSL^IS^ n >y ~> a ffl 61 05tC 
i^U7- HP W*ftJSiEa*rL— Ifr-feS Z-tt^ifs 
2ti3„ Sfc, iiStc^^(D(?§($H^|S^'y->a«tc 
fc^t § / n <y -> H <D&Mtf& < ff Zit)tlT V^S 

J6, C cd^S/ > -y -> a fi6104fr 5 %!.<0&W \ -y -> a. fjg% 
thKTSJlfct,-e#ftv^©T-, tt#4bQ&B&%V\, * 
fe, ^N-y^a^Miti-liSfcBg^SJ: Hio Offf^± 

[0 15 5] tin(C*fLTSlBl-9-— /^©63(C*3V^T 
«> U-^^fS^Response605«^j 3 OiMSfa¥ 

S33 1 TSfl $ n, IILfiL&W n ~y S" a ffi6308*^m S ft 
2 (D^fffiW^SfP¥©633{C3M6»ft5 ( S T 6 3 0 
4) „ m 2 ©«Mfiltti&afQ¥S633{i, ^-vUVv-'&iSe 
307i:m^©/N>y >-affi6308t<DfSITlf -y hfSOfiPftil 
WI#ilfO^»^lf * o T\ / n -y ^> a f!6309^t#TS 
3<D^©/N-yiya#IS336{CjMS (S T 6 3 0 5) . Wi 
3 CO^g^'y ->a^S336t4, ^g/N-y fa ffl6309tCflJ 
/H 0i!i63O6fCffi ST * S»<0 / n >y S/ a o T, 

,^«©-^^g/ n <y f a m33u*m.f>im^®33ncm 

5c I^BJM^-¥S337«H5, H6<0^-&i:|nj«(cl)ft 
L> 1^31^^-^3315^^ 3 «j^Sff^S331%/1-b 
T ,^ nTiifclResult308tLX^^^J'yh ¥IS6 1 tc ^
0, ^^'T7'>h#a61fc*j^TSM*ftS 0 fcfcU 
ISSEf-^'y K*g*fe)ittlReject606O§<i{C<t O^ia^ y 
3/ a ffi33 \2(D\mtm± £ ft fcig^fc (4 C <DM t) T7 « ft 
^ (ST 6 3 0 6, ST6307) 0 C (Dottle ct t) , 
* 7 -f 7 > h ¥IS6 itt/^7-KP W^IM-y--/ 
63«r-g-4&/&HH#{c^7b>T c i: % < , n H $ -eiSIiEf-^ 
-y h305^ffl LT^O^W- ^¥SfC*f LT^lJffl 

[0156] ^4b\ ^(Dmmza^^^Tyhmm 
tcfe^rf uffliSBj^]ii©fcti : tc^©/N >y f a mmmt 
%Mi$.tLrct>\ mmnrv kd^»^{ct^t©s» 

O^©/ vr>. ffi^*tijft» LT«MJE«¥a316fcC 
liTSfllfiSctLTfeS^c «!6fBi8#S316 
[0157] ce>«fc5{c, coms^ffi-eti, isis^
{BbT9--^{c** LT^iilcffl^S »tt 

[oi 5 8] im8<Dmmmm) mscommmmm^ 

[0 15 9] i2 0(i s CCDI^SI^Xf-AO^P h^;l/ 
^^•T7°n hn^^-^^XH-ea&^o 0 2 otc&i^T 
0 1 4 t^^^cDti:, 7^"CTyh^&71, ISIIE+J--^ 
^im&tftSW-; ^1273"? & o T\ £ <=> fCfg 2 ©12 
W- /^©74%iliinLTV^o ISnIS*Authorize Request701A^lJffl[Hl^k^:i: fgWSsRAuthorize Request701Rt/S!iE-9L^ y Ticket305£:§:tf

^¥©73^fgRrS : 5(<Authorize Request701& 
tftgiE^^'y h305^?>^mbfc^y>y hM9U?T I D 
t -9— MMU^ SlDf: ftjfj Hiak£;;&i;fc&^ fe^liE 
f-^r >y h«SPJI£lnquiry702£l2ffi^-/^S72f; fctt 
28 2 cO,ffioJ-9--/^S74^§^, cintC^tbT^SfC 
(SUTKiaE^'V hJg^ji»]Reject705^M^n?.^, 
ilgnj^-v l^>i/Challenge703*^ijfflle]it k cOftfc D (C©

•V U>> :; jS? 5 fResponse704AV^xy- KPWtSJ&R 0 
t<DJI*§(C*fLTn-k + 1 &<Dsw is 3.m9-H*ffiL 

mime zzicRkt mmmmimmn*ft% ma 

[0160] c<D^mcx<o, t^^ryY^-wam^ 
x7-kp w*mmv— tv&saz* m 2 <Dim*y->^ 

WA^^Tc-M^lzm^t £ t & < , n Hi: T'jg$E^ 
h304^Siff$n/cES|jEf-^-y h501^gffl LTfUffl 

rcmmv-'^fflzzrcitmm l rem 2 <Dmtv->^ 
wi^m-DX^-^y ??%rci6s mm^y b304%m 

®L<DmMl -9—^^1573, 74-ettjltC^iJfflpltezj: fc <D t f 
%£t frO^x -y *«ig© h77^yy 

[0 16 1] dcD<£5&7°n hn;V->-' 7->X%^o|S 
iI>'X^^O«fiSctcO^T|2l2 1 £#F,3L&^£,lJ{H£-r 
So 02 1 (CtJ^TfeBI 1 5hW&2>m±, ^7-T7> 
h¥IS7K ^#1572, Kfll*— ^¥©73T*fco 

T, ££{C^2©&W-^¥S74*iI;!inLTl/'>3o $ 

rc, ^v-i'ry h^iS7Hcfc^Tia 1 5«^^-rr> h 

$®5l£:fiz3:3cQ^ MM^-y £*>K 
=tm "Jffl @» k % glit" 5^^^ fSJtWH^ S71 1 £ 
v^-y M«#^®511cDf<c:b^ci2»\ Iff hm<Dfflm 



KfiE^-y hOfgfT^gSLTF^c^-rs^'y h 